我正在尝试使用https上的服务器验证我的客户端应用程序 - 我正在使用axis 1.4 jar。我正在将正确的JKS文件传递给信任库。但是,我得到以下例外。
Caused by: javax.net.ssl.SSLException: Server key
at com.sun.net.ssl.internal.ssl.Handshaker.throwSSLException(Handshaker.java:927)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:199)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:958)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1203)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1230)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1214)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 26 more
Caused by: java.security.spec.InvalidKeySpecException: does not support java.security.spec.ECPublicKeySpec
at com.certicom.ecc.jcae.ECKeyFactorySpi.engineGeneratePublic(Unknown Source)
at java.security.KeyFactory.generatePublic(KeyFactory.java:304)
at com.sun.net.ssl.internal.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:910)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:195)
... 36 more
答案 0 :(得分:0)
默认情况下,ECDH密码套件不是java 1.6设置的一部分,导致不支持ECDH规范的例外。
这是通过在java设置中添加了bcprov-jdk1.6.jar(bouncycastle)中的此规范来修复的。为此,请执行以下更改
的java / jdk1.6.0_45 \ JRE \ lib \ security中\ java.security
security.provider.1 = org.bouncycastle.jce.provider.BouncyCastleProvider
[注意:security.provider.1 - 编号表示选择密码套件的优先级]
并在jdk1.6.0_45 \ jre \ lib \ ext
中添加bcprov-jdk1.6.jar