java.security.cert.CertificateException:找不到与localhost匹配的主题备用DNS名称

时间:2016-08-09 04:32:25

标签: java ssl https dns mule

当我尝试通过Mule HTTP连接器使用SSL Web服务时,收到以下错误。

Message               : Error sending HTTP request. Message payload is of type: BufferInputStream
Type                  : org.mule.api.MessagingException
Code                  : MULE_ERROR--2
JavaDoc               : http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/MessagingException.html
Payload               : org.glassfish.grizzly.utils.BufferInputStream@2eabf39d

Exception stack is:
1. No subject alternative DNS name matching localhost found. (java.security.cert.CertificateException)
  sun.security.util.HostnameChecker:204 (null)
2. General SSLEngine problem (javax.net.ssl.SSLHandshakeException)
  sun.security.ssl.Alerts:192 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeException.html)
3. General SSLEngine problem (javax.net.ssl.SSLHandshakeException)
   sun.security.ssl.Handshaker:1431 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeException.html)
4. javax.net.ssl.SSLHandshakeException: General SSLEngine problem (java.util.concurrent.ExecutionException)
org.glassfish.grizzly.impl.SafeFutureImpl$Sync:349 (null)
5. java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem (java.io.IOException)
org.mule.module.http.internal.request.grizzly.GrizzlyHttpClient:245 (null)
6. Error sending HTTP request. Message payload is of type: BufferInputStream (org.mule.api.MessagingException)
  org.mule.module.http.internal.request.DefaultHttpRequester:287 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/MessagingException.html)
********************************************************************************
Root Exception stack trace:
java.security.cert.CertificateException: No subject alternative DNS name matching localhost found.
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:204)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:919)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:916)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1369)
at org.glassfish.grizzly.ssl.SSLUtils.executeDelegatedTask(SSLUtils.java:247)
at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:669)
at org.glassfish.grizzly.ssl.SSLFilter.doHandshakeStep(SSLFilter.java:330)
at org.glassfish.grizzly.ssl.SSLBaseFilter.doHandshakeStep(SSLBaseFilter.java:583)
at org.glassfish.grizzly.ssl.SSLBaseFilter.handleRead(SSLBaseFilter.java:304)
at com.ning.http.client.providers.grizzly.SwitchingSSLFilter.handleRead(SwitchingSSLFilter.java:74)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy.run0(FlowWorkManagerIOStrategy.java:134)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy.access$100(FlowWorkManagerIOStrategy.java:31)
at org.mule.module.http.internal.request.grizzly.FlowWorkManagerIOStrategy$WorkerThreadRunnable.run(FlowWorkManagerIOStrategy.java:157)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
at java.lang.Thread.run(Thread.java:745)

我尝试了以下解决方案, 我的DNS主机名在sslcertificate中更新,但是我面临同样的问题。

我在谷歌尝试了很多但是没有帮助我,请为此提供一些解决方案。

我用于听众的配置&请求者如下

<http:listener-config name="DefaultHttpsListener" protocol="HTTPS" host="0.0.0.0" port="${https.port:2443}" doc:name="HTTP Listener Configuration" >
    <tls:context>
        <tls:key-store path="${hostname:localhost}-keystore.jks" keyPassword="muleKP" password="muleKSP"/>
    </tls:context>
           <http:worker-threading-profile maxThreadsActive="20" maxThreadsIdle="20" threadTTL="1000" poolExhaustedAction="WAIT" threadWaitTimeout="3000" maxBufferSize="100"/>
</http:listener-config>

<http:request-config name="DefaultOauthRequester" host="${hostname}" port="${https.port:2443}" basePath="/oauth2" protocol="HTTPS" doc:name="HTTP Request Configuration">
    <tls:context>
        <tls:trust-store path="localhost-truststore.jks" password="muleKSP"/>
        <tls:key-store path="${hostname:localhost}-keystore.jks" keyPassword="muleKP" password="muleKSP"/>
    </tls:context>
</http:request-config>

0 个答案:

没有答案
相关问题
最新问题