我正在尝试通过SSL连接查询LDAP。我收到证书并跑了:
keytool -import -trustcacerts -alias www.the-domain.com -file the-cert.der -keystore store.jks
然后我将我的Java程序指向证书,方法是将以下内容添加到Intellij中的运行配置中:
-Djavax.net.ssl.trustStore=/path/to/store.jks
当我尝试连接时,我收到套接字关闭异常。我错过了一步吗?
以下是标准输出,稍加修改以删除IP信息:
javax.naming.ServiceUnavailableException: <ip:port>; socket closed
at com.sun.jndi.ldap.Connection.readReply(Connection.java:419)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:340)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:192)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
at LDAPTool.main(LDAPTool.java:35)
答案 0 :(得分:1)
我发现了我的问题。我没有正确设置我的环境。
env.put(Context.SECURITY_PROTOCOL, "ssl");
当明显使用ssl时,你需要指定安全协议,这是有道理的....