1

我已经为部署在 ServiceMix 服务器上的 Web 服务打开了 SSL 客户端身份验证。我已经导入了客户端和服务器证书。我已经使用独立应用程序对其进行了测试,一切正常。但是,当我尝试从部署在 Tomcat 上的应用程序调用此 Web 服务时,出现异常:

Caused by: java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:150)
    at java.net.SocketInputStream.read(SocketInputStream.java:121)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:312)
    at sun.security.ssl.InputRecord.read(InputRecord.java:350)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1689)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
    at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:972)
    at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1083)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1002)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:282)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1916)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1871)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1934)
    at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
    at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    ... 107 more

recv failed当我未能使用客户端私钥指定 keyStore 时,我收到了来自独立 java 应用程序的消息。然而,堆栈跟踪是其他的:

Exception in thread "main" com.sun.xml.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException.

java.net.SocketException: Software caused connection abort: recv failed
java.net.SocketException: Software caused connection abort: recv failed

    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172)
    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
    at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174)
    at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
    at javax.xml.ws.Service.<init>(Service.java:56)

在那种情况下,我没有阅读 WSDL。但是在 Tomcat 上,读取 WSDL,但是当 CXF 尝试发送消息时会抛出错误。

什么可能导致Tomcat上出现该错误?是证书问题吗?在这两种情况下,指向 trustStore 和 keyStore 的 Java 变量是相同的:

javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit

Java:Java 版本“1.6.0_30”Java(TM) SE 运行时环境(构建 1.6.0_30-b12)Java HotSpot(TM) 客户端 VM(构建 20.5-b03,混合模式,共享)

雄猫:6.0.26

4

1 回答 1

1

即使我曾经得到同样的错误。但是当我执行以下操作之一时,它不会发生

  1. 重新启动服务器。
  2. 重新生成证书。
  3. 尝试从服务器端设置所有这些变量,这意味着在 Tomcat 的server.xml文件中:

    javax.net.ssl.keyStoreType=jks
    javax.net.ssl.trustStoreType=jks
    javax.net.ssl.keyStore=c:/cert/gen.keystore
    javax.net.ssl.trustStore=c:/cert/client.keystore
    javax.net.ssl.keyStorePassword=changeit
    javax.net.ssl.trustStorePassword=changeit
    
于 2012-07-18T13:45:07.837 回答