javax.net.ssl.SSLException:无法识别的SSL消息,明文连接,无法找到通用名称

时间:2015-12-10 07:59:30

标签: soap

我试图通过传递或disableCertificateValidation()并尝试将https连接到我的SOAP Web服务。当我这样做时,它会抛出以下错误:

13:21:25.476 [WARN ] o.a.cxf.phase.PhaseInterceptorChain - Interceptor for {http:/****.xsd/}****ervice#{http://****.xsd/}get****servicePort has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64) ~[cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) ~[cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516) [cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425) [cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326) [cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279) [cxf-core-3.0.6.jar:3.0.6]
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) [cxf-rt-frontend-simple-3.0.6.jar:3.0.6]
    at org.apache.cxf.frontend.ClientProxy.invoke(ClientProxy.java:81) [cxf-rt-frontend-simple-3.0.6.jar:3.0.6]
    at org.apache.cxf.common.util.CglibProxyHelper$1.intercept(CglibProxyHelper.java:67) [cxf-core-3.0.6.jar:3.0.6]

有人可以帮忙吗?

1 个答案:

答案 0 :(得分:0)

当我们也试图兑现证书时,错误仍然与我们尝试过的方法相同

public static void setupTLS(***servicePort port) throws FileNotFoundException, IOException, GeneralSecurityException
{

    HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();

    String keyStoreLoc = "certificates/***-keystore.ks";
    String keyPassword = "*****";

    final KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource(keyStoreLoc);
    ksp.setPassword(keyPassword);

    final KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword(keyPassword);

    TLSClientParameters tlsCP = new TLSClientParameters();
    tlsCP.setKeyManagers(kmp.createKeyManagers());
    tlsCP.setDisableCNCheck(true);
    tlsCP.setUseHttpsURLConnectionDefaultHostnameVerifier(false);
    tlsCP.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
    tlsCP.setHostnameVerifier(new HostnameVerifier()
    {
        public boolean verify(String hostname, SSLSession session)
        {
            return true;
        }
    });

    // Creating Trust Manager
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager()
    {
        public java.security.cert.X509Certificate[] getAcceptedIssuers()
        {
            return new java.security.cert.X509Certificate[0];
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
        {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
        {
        }
    } };

    tlsCP.setTrustManagers(trustAllCerts);

    httpConduit.setTlsClientParameters(tlsCP);

仍然没有成功,因为错误仍然保持不变