我正在尝试将自签名证书与 JBoss 一起使用并尝试信任代码。但我得到 javax.net.ssl.SSLPeerUnverifiedException:。这是我尝试过的事情,
创建了一个密钥库
创建了信任库
在 JBoss AS 7.1.1 中配置 SSL
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl password="password" certificate-key-file="C:\work\certs\ks" protocol="TLSv1" verify-client="false" certificate-file="C:\work\certs\ks"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
启动了 JBoss。现在我可以通过单击“继续”按钮以 chrome 访问该站点。
但是当我尝试从代码访问时,我遇到了异常。
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
at com.test.utility.TestHttps.main(TestHttps.java:61)
这是我的代码,
public class TestHttps {
private static TrustManager[] getTrustManagers() throws IOException, GeneralSecurityException {
String trustStorePassword = "password";
String alg = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmFact = TrustManagerFactory.getInstance(alg);
FileInputStream fis = new FileInputStream("C:\\work\\certs\\trust");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(fis, trustStorePassword.toCharArray());
fis.close();
tmFact.init(ks);
TrustManager[] tms = tmFact.getTrustManagers();
return tms;
}
public static void main(String[] args) throws Exception {
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, getTrustManagers(), null);
SSLSocketFactory ssf = new SSLSocketFactory(context);
HttpClient base = new DefaultHttpClient();
ClientConnectionManager ccm = base.getConnectionManager();
SchemeRegistry registry = ccm.getSchemeRegistry();
registry.register(new Scheme("https", 8443, ssf));
try {
DefaultHttpClient httpClient = new DefaultHttpClient(ccm, base.getParams());
HttpGet getRequest = new HttpGet("https://localhost:8443/cafe/");
HttpResponse response = httpClient.execute(getRequest);
if (response.getStatusLine().getStatusCode() != 200) {
throw new RuntimeException("Failed : HTTP error code : "
+ response.getStatusLine().getStatusCode());
}
BufferedReader br = new BufferedReader(new InputStreamReader(
(response.getEntity().getContent())));
String output;
while ((output = br.readLine()) != null) {
System.out.println(output);
}
httpClient.getConnectionManager().shutdown();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
请让我知道我做错了什么。提前致谢。