6

嗨,我已经从 wsdl 文件在 Eclipse 中创建了一个 Web 服务客户端。但是当我尝试从客户端访问服务时,它会说。没有可用于端点的 SSL 配置。然后是我的端点地址。请让我知道如何通过密钥库向我的 Web 服务客户端提供 ssl 配置。我有客户端提供的独立客户端和密钥库。TIA

4

2 回答 2

3

您可以通过使用Apache CXF并设置客户端管道来执行此操作。请参阅本教程Configuring SSL Support中的部分。

希望这可以帮助。

于 2013-09-27T21:22:53.370 回答
1

您可以从检查密钥库中的内容开始:

keytool -list -keystore D:\Tomcat\ukdp.keystore -storepass 123456

您的管道定义可能如下所示的示例:-

<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
  xsi:schemaLocation="
      http://cxf.apache.org/configuration/security
      http://cxf.apache.org/schemas/configuration/security.xsd
      http://cxf.apache.org/transports/http/configuration
      http://cxf.apache.org/schemas/configuration/http-conf.xsd
      http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

  <http:conduit name="{http://apache.org/hello_world}HelloWorld.http-conduit">

    <http:tlsClientParameters>
      <sec:keyManagers keyPassword="password">
        <sec:keyStore type="JKS" password="password"
                      file="my/file/dir/Morpit.jks"/>
      </sec:keyManagers>
      <sec:trustManagers>
        <sec:keyStore type="JKS" password="password"
                      file="my/file/dir/Truststore.jks"/>
      </sec:trustManagers>
      <sec:cipherSuitesFilter>
        <!-- these filters ensure that a ciphersuite with
             export-suitable or null encryption is used,
             but exclude anonymous Diffie-Hellman key change as
             this is vulnerable to man-in-the-middle attacks -->
        <sec:include>.*_EXPORT_.*</sec:include>
        <sec:include>.*_EXPORT1024_.*</sec:include>
        <sec:include>.*_WITH_DES_.*</sec:include>
        <sec:include>.*_WITH_AES_.*</sec:include>
        <sec:include>.*_WITH_NULL_.*</sec:include>
        <sec:exclude>.*_DH_anon_.*</sec:exclude>
      </sec:cipherSuitesFilter>
    </http:tlsClientParameters>
    <http:authorization>
      <sec:UserName>Betty</sec:UserName>
      <sec:Password>password</sec:Password>
    </http:authorization>
    <http:client AutoRedirect="true" Connection="Keep-Alive"/>

  </http:conduit>

</beans>

我还发现了一些可以帮助您的线程:-

于 2013-10-02T19:03:16.010 回答