我正在尝试进行两种方式的 ssl 通信。我的服务器部署在一个 weblogic 服务器上,客户端部署在另一个服务器上。我在客户端导入了有效证书并尝试调用在 https 上运行的 web 服务。我编写了简单的 serverlet 类,它在 https 上调用 web 服务。我在客户端代码中设置了以下属性。
System.setProperty("javax.net.ssl.keyStore","/opt/bea1/certificates/VDFNLimitedV01.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "XXXXX");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
当我通过 unix 服务器编译和运行独立的简单客户端代码时,它运行良好,但是当我在 weblogic 上部署客户端并点击 url 时,我遇到了错误的证书异常。 客户端错误
oled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer).
javax.net.ssl.SSLException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1467)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1435)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1601)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1031)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:721)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at weblogic.security.SSL.jsseadapter.JaSSLEngine$4.run(JaSSLEngine.java:118)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:732)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:116)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:93)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59)
at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:391)
at weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:78)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:162)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:376)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at java.net.URL.openStream(URL.java:1010)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:842)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:289)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:138)
at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:284)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:246)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:197)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:187)
at weblogic.wsee.jaxws.spi.WLSServiceDelegate.<init>(WLSServiceDelegate.java:84)
at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.<init>(WLSProvider.java:598)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:120)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:112)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:83)
at javax.xml.ws.Service.<init>(Service.java:56)
at com.vodafone.main.TokenService.<init>(TokenService.java:49)
at vodafone.TransactClient.getMessage(TransactClient.java:65)
at vodafone.TransactClient.doGet(TransactClient.java:77)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3717)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
服务器端错误:
[Raw read]: length = 5>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <0000: 16 03 01 00 4D ....M
[Raw read]: length = 77>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 49 59 42 ..........B.@IYB
0010: 09 08 EF 92 70 2E E7 49 E6 73 00 B0 33 7C A9 F0 ....p..I.s..3...
0020: 42 D1 3F F2 DA B9 80 FD 9E E8 15 21 C3 7E 42 A2 B.?........!..B.
0030: CF 1A 20 A0 17 ED B3 D6 3B 5C 68 1E 49 06 97 65 .. .....;\h.I..e
0040: 70 8A 40 03 C1 93 FB 3F A9 26 B6 E9 67 p.@....?.&..g
ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 77>
**<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <*** Certificate chain>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <***>**
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', fatal error: 42: null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', SEND TLSv1 ALERT: fatal, description = bad_certificate>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', WRITE: TLSv1 Alert, length = 2>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', fatal: engine already closed. Rethrowing javax.net.ssl.SSLHandshakeException: null cert chain>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', called closeOutbound()>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', closeOutboundInternal()>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <[Raw write]: length = 7>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <0000: 15 03 01 00 02 02 2A ......*
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', called closeOutbound()>
<Dec 12, 2012 3:06:54 PM UTC> <Notice> <Stdout> <BEA-000000> <ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', closeOutboundInternal()>
当我通过 unix 框而不是 weblogic 运行 java 代码时,我能够发送客户端证书。有人可以帮我吗?我应该如何配置 weblogic 以充当 ssl 客户端?
谢谢,普加库尔卡尼