IBM Application Center Mobile客户端无法通过HTTPS登录

Question

我在本地主机上使用Application Center创建了一个Websphere Liberty Profile，并尝试通过虚拟移动设备上的Mobile Client登录。配置已完成，证书已安装在移动设备上。 通过HTTP登录可以正常工作，通过HTTPS输入错误密码也可以正常工作。唯一的问题是，尝试使用正确的密码登录到Mobile Client时，我收到“超时”消息。 在查看与Wireshark进行的通信时，似乎对用户的身份验证是正确的，但是当移动客户端将GET请求发送到Application Center的REST服务时，通信停止，并且移动客户端正在等待“超时”消息弹出。

我检查了跟踪日志，发现了这一点：

[26.03.19, 11:04:30:467 MEZ] 0000009d id=SystemOut  O update handshake state: finished[20]
[26.03.19, 11:04:30:467 MEZ] 0000009d id=SystemOut  O %% Cached server session: [Session-3, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
[26.03.19, 11:04:30:468 MEZ] 0000009d id=SystemOut  O Default Executor-thread-116, WRITE: TLSv1.2 Change Cipher Spec, length = 1
[26.03.19, 11:04:30:468 MEZ] 0000009d id=SystemOut  O Default Executor-thread-116, WRITE: TLSv1.2 Handshake, length = 16
[26.03.19, 11:04:30:479 MEZ] 000000ab id=SystemOut  O Default Executor-thread-129, called closeOutbound()
[26.03.19, 11:04:30:479 MEZ] 000000ab id=SystemOut  O Default Executor-thread-129, closeOutboundInternal()
[26.03.19, 11:04:30:480 MEZ] 000000ab id=SystemOut  O Default Executor-thread-129, WRITE: TLSv1.2 Alert, length = 2
[26.03.19, 11:04:30:481 MEZ] 000000ab id=SystemOut  O Default Executor-thread-129, called closeInbound()
[26.03.19, 11:04:30:484 MEZ] 000000ab id=SystemOut  O Default Executor-thread-129, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack? javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
[26.03.19, 11:04:30:484 MEZ] 000000ab id=SystemOut  O %% Invalidated:  [Session-3, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
[26.03.19, 11:05:00:192 MEZ] 0000009c id=SystemOut  O Default Executor-thread-115, called closeOutbound()
[26.03.19, 11:05:00:192 MEZ] 0000009c id=SystemOut  O Default Executor-thread-115, closeOutboundInternal()
[26.03.19, 11:05:00:193 MEZ] 0000009c id=SystemOut  O Default Executor-thread-115, WRITE: TLSv1.2 Alert, length = 2
[26.03.19, 11:05:00:193 MEZ] 0000009c id=SystemOut  O Default Executor-thread-115, called closeInbound()
[26.03.19, 11:05:00:193 MEZ] 0000009c id=SystemOut  O Default Executor-thread-115, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack? javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
[26.03.19, 11:05:00:193 MEZ] 0000009c id=SystemOut  O %% Invalidated:  [Session-2, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

Answer 1

1. 您是否可以通过https连接访问Application Center服务器？理想情况下，访问网址应类似于https://<hostname>:<port>/applicationcenter

2. 如果移动客户端为iOS，则自签名证书将不起作用，只有受信任的CA证书才能起作用。