0

我在我的项目中使用 WSO2 消息代理作为消息代理系统。为了获取队列信息(例如获取在 wso2mb 服务器中创建的所有队列、每个队列中的消息数量等信息),我从 AndesAdminServics WSDL 生成客户端并尝试从我的 api 调用 getAllQueues() api。每次我都无法找到请求的目标异常的有效认证路径。我无法弄清楚问题所在。例外是 -

Jul 06, 2016 5:21:19 PM org.apache.axis.utils.JavaUtils isAttachmentSupported
WARNING: Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode: 
 faultString: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
 faultActor: 
 faultNode: 
 faultDetail: 
    {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at org.wso2.carbon.andes.admin.AndesAdminServiceSoap11BindingStub.getAllQueues(AndesAdminServiceSoap11BindingStub.java:858)
    at org.wso2.carbon.andes.admin.AndesAdminServicePortTypeProxy.getAllQueues(AndesAdminServicePortTypeProxy.java:62)
    at org.wso2.carbon.andes.admin.TestClass.main(TestClass.java:11)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
    at sun.security.validator.Validator.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    ... 24 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
    at java.security.cert.CertPathBuilder.build(Unknown Source)
    ... 30 more

    {http://xml.apache.org/axis/}hostname:RIL15066YJB152

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at org.wso2.carbon.andes.admin.AndesAdminServiceSoap11BindingStub.getAllQueues(AndesAdminServiceSoap11BindingStub.java:858)
    at org.wso2.carbon.andes.admin.AndesAdminServicePortTypeProxy.getAllQueues(AndesAdminServicePortTypeProxy.java:62)
    at org.wso2.carbon.andes.admin.TestClass.main(TestClass.java:11)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    ... 12 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
    at sun.security.validator.Validator.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    ... 24 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
    at java.security.cert.CertPathBuilder.build(Unknown Source)
    ... 30 more

我调用 getAllQueues() 方法的 api 是 -

package org.wso2.carbon.andes.admin;

import java.rmi.RemoteException;

public class TestClass {

    public static void main(String args[]) {
        AndesAdminServiceSoap11BindingStub aadptp;
    AndesAdminServiceLocator loact = new AndesAdminServiceLocator();

    try {
        aadptp = new AndesAdminServiceSoap11BindingStub();
        aadptp._setProperty(org.apache.axis.client.Stub.USERNAME_PROPERTY, "admin");
        aadptp._setProperty(org.apache.axis.client.Stub.PASSWORD_PROPERTY, "admin"); 
        aadptp._setProperty(org.apache.axis.client.Stub.ENDPOINT_ADDRESS_PROPERTY,
                loact.getAndesAdminServiceHttpsSoap11EndpointAddress());

        org.wso2.carbon.andes.admin.internal.xsd.Queue[] queues = aadptp.getAllQueues();
        System.out.println(queues.length);
    } catch (AxisFault e1) {
        e1.printStackTrace();
    } catch (RemoteException e) {
        e.printStackTrace();
    }
    }

}
4

1 回答 1

0

首先,请尝试使用 SoapUI 或任何其他您喜欢的工具访问您的端点。如果您可以访问它,听起来您需要将 wso2 证书添加到您的 JVM 密钥库中。

WSO2 产品使用位于${carbon.home}/repository/resources/security/目录中的自定义密钥存储。如果您需要使用 java 客户端访问 WSO2 服务器中的任何 https 端点,您需要将证书添加到位于 `${JAVA_HOME}/lib/security/cacerts' 的所用 JVM 的密钥库文件中。

首先,您可以通过运行以下命令检查您的证书是否已经在密钥库中:(keytool -list -keystore "${JAVA_HOME}/lib/security/cacerts"您不需要提供密码)

如果您的证书丢失,请使用以下命令将其添加到密钥库:

keytool -import -noprompt -trustcacerts -alias wso2carbon -file ${carbon.home}/repository/resources/security/ -keystore ${JAVA_HOME}/lib/security/cacerts -storepass wso2carbon

于 2016-07-11T08:34:44.180 回答