我正在尝试使用带有ssl ws的soap请求节点,就我而言,我将certif .cer下载到了文件夹(E:\ truststore)中,并且尝试了一些思考:
class Exam:
# COMMENT: set a default importance of False...
def __init__(self, day, importance=False):
self.day = day
self.importance = importance
# COMMENT: since you provide the day when the object is created,
# use that value (ie, self.day) in the input function call
# and overwrite the existing self.importance value.
def is_important(self):
answer = input("Ìs " + self.day + " Important?")
if answer == "True":
self.importance = True
elif answer == "False":
self.importance = False
# COMMENT: When you call the Class, you can provide it with the day
# and immediately provide it with an importance level.
mon = Exam("Monday", True)
tue = Exam("Tuesday", False)
# COMMENT: but you also have the flexibility to call the class and accept
# the default importance OR overwrite it later by calling the
# is_important() method
wed = Exam("Wednesday")
wed.is_important()
print(mon.importance)
print(tue.importance)
print(wed.importance)
但是我有这个错误:
文本:CHARACTER:javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:否X509TrustManager 可以实施
能帮我吗,谢谢
答案 0 :(得分:0)
您的问题可能有多种原因,所以我将尝试在这里总结一下一切:
您用于设置密钥库的命令未指定密钥库/信任库名称。另外,在我的记忆中,您应该将其设置在BrokerRegistry上,而不是ComIbmJVMManager上(但是它可能会起作用) 有效命令的示例:
mqsichangeproperties $BROKERNAME -o BrokerRegistry -n brokerKeystoreFile -v $KEYSTORE_iib_PATH/iib.jks
mqsichangeproperties $BROKERNAME -o BrokerRegistry -n brokerTruststoreFile -v $KEYSTORE_iibTrust_PATH/iibTrust.jks
mqsisetdbparms $BROKERNAME -n brokerTruststore::password -u $KEYSTORE_USER -p $KEYSTORE_PASSWORD
mqsisetdbparms $BROKERNAME -n brokerKeystore::password -u $KEYSTORE_USER-p $KEYSTORE_PASSWORD
此外,您可能还需要针对HTTP侦听器的以下命令:
mqsichangeproperties $BROKERNAME -b httplistener -o HTTPListener -n enableSSLConnector -v true
mqsichangeproperties $BROKERNAME -b httplistener -o HTTPSConnector -n keystoreFile -v $KEYSTORE_iib_PATH/iib.jks
mqsichangeproperties $BROKERNAME -b httplistener -o HTTPSConnector -n truststoreFile -v $KEYSTORE_iibTrust_PATH/iibTrust.jks
mqsichangeproperties $BROKERNAME -b httplistener -o HTTPSConnector -n keystorePass -v $KEYSTORE_PASSWORD
mqsichangeproperties $BROKERNAME -b httplistener -o HTTPListener -n startListener -v true
这是集成总线部分的内容。您的第二个错误(可能是最大的错误)是您不知道什么是密钥库/ trustore。将证书放入存储库中不是密钥库。 (搜索有关JKS的信息:Java密钥库)
您可以执行以下操作在Unix上生成您的信任库/密钥库:
keystoreName=iibTrust.jks
KEYSTORE_PASSWORD=123qwerty ## DO NOT USE THAT PLEASE
for certificate in `ls *.cer`;
do
alias=`echo $certificate | rev | cut -d '.' -f 2- | rev | cut -d '_' -f2`
keytool -importcert -file $certificate -keystore ${keystoreName}.jks -alias $alias -storepass $KEYSTORE_PASSWORD -noprompt
if [[ $? -ne 0 ]]; then "Unable to add $certificate in keystore $keystoreName.jks";
done
keytool -list -keystore ${keystoreName}.jks -storepass $KEYSTORE_PASSWORD
我基本上已经复制/粘贴了所有脚本以在IIB上启用SSL,因此使用所有这些信息,您应该能够使其工作。