Java jax-ws客户端2路SSL

时间:2015-08-14 08:29:10

标签: java web-services ssl soap

我正在尝试使用双向SSL身份验证创建JAX-WS客户端以使用Java服务。我有两个.pfx证书,其中一个用于签名,一个用于传输,一个公钥.cer用于加密。我使用wsdl2java工具和密钥库.jks与portecle建立了客户端,我在其中放置了我的证书。我还有一个CA证书,我把它放在ProgramFiles / Java ... / Security / cacerts信任商店的cacerts中。当我运行我的应用程序时,我得到了证书未知响应,但是在具有相同密钥库和证书的SOAP UI中一切正常。这是我的代码:

 public static void main(String[] args) {

    System.setProperty("javax.net.ssl.trustStore", "C://Program Files//Java//jdk1.8.0_51//jre//lib//security//cacerts");
    System.setProperty("javax.net.ssl.keyStore", "D://workspace//java-workspace//Client//Certifikati//client.jks");
    System.setProperty("javax.net.ssl.keyStorePassword", "password");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.ssl.keyStoreType", "JKS");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");
    System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "false");
    //System.setProperty("sun.security.ssl.allowLegacyHelloMessages", "false");
    System.setProperty("javax.net.debug", "ssl");
    System.setProperty("https.protocols", "SSLv3");
    //System.setProperty("com.sun.net.ssl.dhKeyExchangeFix", "true");


    WsService service = getService();

    MboRequest request = createRequest();
    MboResponse mboResponse = service.getUlosciByMbo(request);
    System.out.println(mboResponse);

}



private static MboRequest createRequest() {
    MboRequest request = new MboRequest();
    request.setDohvatiIpovijesnoStanje(Boolean.FALSE);
    request.setMbo("90445066");
    return request;
}

private static WsService getService() {
    WsService_Service serviceImpl = new WsService_Service();
    return serviceImpl.getWsServiceImplPort();
}

}

这是我得到的错误:

    javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
        at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
        at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
        at org.apache.axis.client.Call.invoke(Call.java:2767)
        at org.apache.axis.client.Call.invoke(Call.java:2443)
        at org.apache.axis.client.Call.invoke(Call.java:2366)
        at org.apache.axis.client.Call.invoke(Call.java:1812)
        at org.springframework.www.schema.beans.WsServiceSoapBindingStub.getUlosciByMbo(WsServiceSoapBindingStub.java:588)
        at RunnerClass.main(RunnerClass.java:43)
    Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
        at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
        at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
        at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
        ... 11 more

Can you help me guys to make this client working please.

以下是来自SOAP UI的图像

SSL Transport .pfx certificate

签名.pfx密钥(我认为这个在eclipse密钥库中出现问题但在SOAP UI中有效吗?如何在jax ws客户端中实现二进制安全性令牌?)

enter image description here

使用.cer公钥加密。

enter image description here

0 个答案:

没有答案