我正在尝试运行基于java JNLP 的应用程序。 它在家里运行良好:javac + javaws与v.1.8相同。?
现在我正试图在工作中运行我的应用程序。我在代理后面工作,我使用Controlpanel告诉java绕过托管JNLP的本地服务器的代理。 在服务器端,应用程序使用
编译javac 1.7.0_60
在客户端,我试图用:
运行它$ javaws -version
Java(TM) Web Start 11.40.2.26-fcs
$ java -version
java version "1.8.0_40"
尽管如此,我在javaws中得到以下异常
javax.net.ssl.SSLHandshakeException: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:969)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:904)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net.www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:90)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1432)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1430)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:713)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1429)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
... 33 more
我看了https://community.oracle.com/thread/3651870?start=15&tstart=0 但我真的不明白我应该做些什么。
例如,我已注释掉<> /lib/security/java.security
#jdk.tls.disabledAlgorithms=SSLv3
但这仍然无效。当我看到' getInputStream '在stacktrace中,我想知道javaws是否试图下载代理之外的东西?
有什么想法吗?
编辑:如果在controlPanel中检查
,则JNLP有效此问题是否与我的代理服务器相关联?
答案 0 :(得分:0)
Java certificate revocation checking使用以下一种或两种方法:
证书撤销列表(CRL)
此方法需要由证书颁发机构(CA)定期生成和发布列表,以使其保持最新状态。
在线证书状态协议(OCSP)
此方法使用CA执行实时证书状态检查,使其更可靠,更快速。
如果您的服务器证书是自签名的,或者您的公司有内部CA,则您的JRE可能无法正确完成撤销检查 - 因此“未知”状态。如果要运行撤销检查(通常是这样做),则需要由支持其中一种或两种方法的CA签署的证书。
同样重要的是要记住,这里可能有两个证书:
两个证书必须签名且有效(即未撤销)才能使握手成功。