1. 首頁
  2. 問答
  3. 無法爲Java應用程序安裝SSL證書

無法爲Java應用程序安裝SSL證書

2013-10-03 72 views
1

有點類似於this問題中所述的情況。我也有一個特定鏈接的WSDL。當我打開該鏈接時,IE中出現There is a problem with this website's security certificate...錯誤。當我點擊繼續時,它打開了WSDL文件。無法爲Java應用程序安裝SSL證書

現在我正在爲此web服務編寫客戶端程序。而它拋出以下異常:

Exception in thread "main" com.sun.xml.internal.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException. 

java.io.IOException: Got java.security.cert.CertificateException: No subject alternative names matching IP address 172.17.245.196 found while opening stream from https://172.17.245.196/ews/Services.wsdl 
java.io.IOException: Got java.security.cert.CertificateException: No subject alternative names matching IP address 172.17.245.196 found while opening stream from https://172.17.245.196/ews/Services.wsdl?wsdl 
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(Unknown Source) 
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(Unknown Source)  
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source) 
    at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(Unknown Source) 
    at javax.xml.ws.Service.<init>(Unknown Source) 
    at com.microsoft.schemas.exchange.services._2006.messages.ExchangeWebService.<init>(ExchangeWebService.java:58) 
    at com.xyz.cms.EWSJavaAPI.ExchangeAuthenticator.getExchangeServicePort(ExchangeAuthenticator.java:32) 
    at com.xyz.cms.test.ExchangeDevelopmentTest.main(ExchangeDevelopmentTest.java:31)

所以我想這是關係到解決證書和自說線程上的傢伙得到了類似的例外,我想出來的解決方案建議有 - 下載並添加證書到私人使用keytool.exe,但我真的不認爲我已經完全瞭解這個證書的東西,也0123'。

所以我

  • 通過訪問瀏覽器的鏈接下載證書,然後複製粘貼日食它的應用程序目錄。
  • 此外我複製粘貼$JAVA_HOME/lib/security/cacerts到我的應用程序目錄。所以現在我的應用層次結構在eclipse中看起來像這樣: enter image description here
  • 然後打開命令提示符並導航到app目錄。
  • 最後執行命令(如該線程中建議的那樣)。它給了我以下輸出。它給了我以下輸出 enter image description here

但它給了我完全相同的例外。我該怎麼辦?

編輯

嗯,這是我的心血編寫Java客戶端Exchange Web服務。他們是ExchangeAuthenticator,用於管理對Exchange和ExchangeDevelopmentTest的Web服務身份驗證請求,其中包含測試上述類功能的主要方法。一下面是代碼:

ExchangeAuthenticator

public class ExchangeAuthenticator {  
/** 
* Obtains an authenticated ExchangeServicePortType with given credentials. 
*  
*/ 
    public ExchangeServicePortType getExchangeServicePort(String username, String password, String domain, URL wsdlURL) throws MalformedURLException { 
     // Concatinate our domain and username for the UID needed in authentication. 
     String uid = "domain" + "\\" + "uname"; 

     // Create an ExchangeWebService object that uses the supplied WSDL file, wsdlURL. 
     ExchangeWebService exchangeWebService = new ExchangeWebService(wsdlURL, new QName("<a href=\"http://schemas.microsoft.com/exchange/services/2006/messages\">http://schemas.microsoft.com/exchange/services/2006/messages</a>", "ExchangeWebService")); 
     ExchangeServicePortType port = exchangeWebService.getExchangeWebPort(); 
     // Supply your username and password when the ExchangeServicePortType is used for binding in the SOAP request. 
     ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, uid); 
     ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password); 

     return port; 
    } 
}

ExchangeDevelopmentTest

public class ExchangeDevelopmentTest {  
    public static void main (String[] args) { 
     ExchangeAuthenticator exchangeAuthenticator = new ExchangeAuthenticator(); 

     // Print statement so we can easily see where our statements start in the Java console. 
     System.out.println("Let's get started!"); 

     try { 
      // Create a URL object which points at the .wsdl we deployed in the previous step. 
      URL wsdlURL = new URL("https://172.17.245.196/ews/Services.wsdl"); 
      //URL wsdlURL = new URL("<a href=\"https://172.17.245.196/ews/Services.wsdl\">https://172.17.245.196/ews/Services.wsdl</a>"); 
      // Call to the class we just created to return an ExchangeServicePortType with authentication credentials. 
      ExchangeServicePortType port = exchangeAuthenticator.getExchangeServicePort("uname", "[email protected]", "domain", wsdlURL); 

      // Prints out the default toString() for the ExchangeServicePortType. 
      System.out.println(port.toString()); 
     } catch (MalformedURLException ex) { 
      // Catch any errors that may occur. 
      Logger.getLogger(ExchangeDevelopmentTest.class.getName()).log(Level.SEVERE, null, ex); 
      System.out.println(ex.getMessage()+"\n"+ex.getStackTrace()); 
     } 
    } 
}

來源

2013-10-03 Mahesha999

+0

我認爲你忘記告訴你的連接信任新的密鑰庫。張貼您用來獲取wsdl的代碼。 – tom

+0

ohkay等待一秒 – Mahesha999

+0

與[這裏](http://stackoverflow.com/a/8444863/372643)完全相同的問題:這是服務器證書不正確(或者您應該使用它的名稱,而不是它的IP地址)。 – Bruno

回答

3

的問題是,你的證書不發出172.17.245.196 IP地址,因此使用的客戶端解析WSDL不信任它。該IP地址應位於證書的主題字段中。

您的證書是官方認證機構信任的還是自簽名的?可能你需要Java來信任它。將它添加到密鑰庫,然後設置系統屬性:

System.setProperty("javax.net.ssl.keyStore", "lfkeystore2"); 
System.setProperty("javax.net.ssl.keyStorePassword", "wshr.ut");

來源

2013-10-03 13:56:11

+0

您的意思是在命令提示符下''keytool'輸出'SubjectAlternativeName'應該有'172.17.245.196'? – Mahesha999

+0

是,而且類型爲「IP地址」而不是「DNSName」。只有當您要使用帶有IP地址的網址時纔會這樣。您當然可以使用現有DNS SAN的URL(當然,如果它解析爲該IP地址)。 – Bruno

+0

ohkay但爲什麼它不在那裏,我的意思是爲什麼它顯示DNSName不是IP地址 - 以及應該怎麼做才能得到它? - 我可能聽起來很愚蠢 – Mahesha999

相關問題

 相關問題