对SOAP Web服务的HTTPŞ请求不能直接从SOAP UI工作,但是当我放置fiddler代理时,它可以工作,它也适用于Visual Studio中的WcfTestClient。
我试过了:
1.使用SOAP UI 5.0.0和5.2.0。
2.插入这些开关:
-Djavax.net.debug=all
-Dsun.security.ssl.allowUnsafeRenegotiation=true
-Dsun.security.ssl.allowLegacyHelloMessages=true
-Dhttps.protocols=TLSv1 (because server doesn't support SSL, only TLS)
3.添加CA证书和服务器SSL证书(因为SSL证书是使用“自制CA证书”签名的)
以下是我得到的例外情况:
Mon Jul 06 13:42:57 CEST 2015:ERROR:javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:131)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flush(AbstractSessionOutputBuffer.java:138)
at org.apache.http.impl.conn.LoggingSessionOutputBuffer.flush(LoggingSessionOutputBuffer.java:95)
at org.apache.http.impl.io.ContentLengthOutputStream.flush(ContentLengthOutputStream.java:102)
at org.apache.http.entity.ByteArrayEntity.writeTo(ByteArrayEntity.java:69)
at org.apache.http.entity.HttpEntityWrapper.writeTo(HttpEntityWrapper.java:96)
at org.apache.http.impl.client.EntityEnclosingRequestWrapper$EntityWrapper.writeTo(EntityEnclosingRequestWrapper.java:108)
at org.apache.http.impl.entity.EntitySerializer.serialize(EntitySerializer.java:120)
at org.apache.http.impl.AbstractHttpClientConnection.sendRequestEntity(AbstractHttpClientConnection.java:263)
at org.apache.http.impl.conn.AbstractClientConnAdapter.sendRequestEntity(AbstractClientConnAdapter.java:227)
at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:255)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.doSendRequest(HttpClientSupport.java:119)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:233)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:323)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:290)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:220)
at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 31 more
答案 0 :(得分:3)
此问题归因于Server Name Indication。 我们为在同一IP:端口上运行的不同FQDN-s提供了多个SSL证书,因此服务器被迫使用SNI,显然是supported from java 7。
我还不知道的另一件事是SOAP UI在安装文件夹中已经包装好了,它的版本报告为7.7u55,用于SOAP UI 5.2.0,但fiddler中http请求中的用户代理报告Java 1.5。
一旦我们删除了其他SSL证书,它就可以从SOAP UI中运行,这只是为了证明这一点 - 这是由于SNI。在生产中,我们必须使用SNI并确保我们的客户支持它。
这里是thread about SOAP UI SNI,但是线程中的建议不起作用,所以我假设在SOAP UI中不支持SNI(自从http客户端报告用户代理以来很糟糕:Java 1.5)