无法为Apache CXF和JAX-RS配置SSL

时间:2011-04-29 16:20:44

标签: rest cxf jax-rs

我无法正确配置以使我的CXF REST客户端与我的CXF服务器通信。我得到了可怕的javax.net.ssl.SSLHandshakeException:收到致命警报:handshake_failure。奇怪的是,当我们使用CXF for SOAP时,这种配置很有用。任何提示都表示赞赏。

这是服务器端配置:

<httpj:engine-factory bus="cxf">
<httpj:engine port="443">
<httpj:tlsServerParameters>
    <sec:keyManagers keyPassword="password">
        <sec:keyStore type="JKS" password="password" file="cxf.jks"/>
    </sec:keyManagers>
    <sec:trustManagers>
        <sec:keyStore type="JKS" password="password" file="cxf.jks"/>
    </sec:trustManagers>
    <sec:cipherSuitesFilter>
        <sec:include>.*_EXPORT_.*</sec:include>
        <sec:include>.*_EXPORT1024_.*</sec:include>
        <sec:include>.*_WITH_DES_.*</sec:include>
        <sec:include>.*_WITH_NULL_.*</sec:include>
        <sec:exclude>.*_DH_anon_.*</sec:exclude>
    </sec:cipherSuitesFilter>
</httpj:tlsServerParameters>
<httpj:sessionSupport>true</httpj:sessionSupport>
</httpj:engine>
</httpj:engine-factory>


<jaxrs:server id="restContainer" bus="cxf" address="/" >
<jaxrs:serviceBeans>
    <ref bean="policyService"/>
</jaxrs:serviceBeans>
</jaxrs:server>

这是客户端配置:

<http:conduit name="*.http-conduit">
    <http:tlsClientParameters>
        <sec:keyManagers
            keyPassword="password">
            <sec:keyStore type="JKS"
                password="password"
                file="cxf.jks" />
        </sec:keyManagers>
        <sec:trustManagers>
            <sec:keyStore type="JKS"
                password="password"
                file="cxf.jks" />
        </sec:trustManagers>
        <sec:cipherSuitesFilter>
            <sec:include>.*_EXPORT_.*</sec:include>
            <sec:include>.*_EXPORT1024_.*</sec:include>
            <sec:include>.*_WITH_DES_.*</sec:include>
            <sec:include>.*_WITH_NULL_.*</sec:include>
            <sec:exclude>.*_DH_anon_.*</sec:exclude>
        </sec:cipherSuitesFilter>
    </http:tlsClientParameters>
    <http:client AutoRedirect="true" ReceiveTimeout="0"  Connection="Keep-Alive" />
</http:conduit>

这是我正在使用的客户端的味道:

MyRestApi api = JAXRSClientFactory.create(myRestUri, MyRestApi.class);

这一切都运行正常,只是SSL这是一个问题。

1 个答案:

答案 0 :(得分:1)

确保您拥有正确的设置,您可以对其进行硬编码(温度),如下所示:

    System.setProperty("javax.net.ssl.keyStore", "/usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts");
    System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
    System.setProperty("javax.net.ssl.trustStore", "/usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.debug", "all");

然后通过输出检查你可以调试更多......

相关问题
最新问题