0

我正在尝试从 wso2 集成 studio8.0/MI 4.0 调用安全端点 (https)。创建了集成项目,使用带有安全端点地址的 url 创建了一个端点,在标头上提供了安全端点所需的传输范围。我获得了公钥证书 (.p7b/.cer) 并使用密钥工具实用程序导入到信任库。 keytool -import -alias aliasName -file public-key-from-browser.cer -keystore client-truststore.jks -storepass password。在集成工作室/MI4.0 中的 deployment.toml 中提供了信任库文件路径,但出现以下异常。请让我知道如何解决异常。

[2022-01-17 10:28:09,696] ERROR {TargetHandler} - I/O error: General SSLEngine problem javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1566)
    at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:545)
    at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1217)
    at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1185)
    at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:471)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doWrap(SSLIOSession.java:270)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:316)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:541)
    at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:120)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:162)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:337)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:315)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:276)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:104)
    at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:591)
    at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:198)
    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1729)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:333)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1688)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082)
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:1015)
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:1012)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1504)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:288)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:356)
    ... 9 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
    at sun.security.validator.Validator.validate(Validator.java:262)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:289)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1675)
4

1 回答 1

0

确保您已导入证书链。如果您已经做了更好的启用 ssl 调试日志 [1] 并分析 ssl 日志以确定问题的确切原因。

[1]-https://dilsichandrasena.medium.com/how-to-enable-ssl-debug-logs-for-wso2-products-6de7276ffe10

于 2022-02-10T17:15:49.587 回答