0
我正在爲我的工作構建一個應用程序,並遇到了一個我不知道如何解決的問題。我們正在創建一個應該連接到HTTPS網站的駱駝碼頭代理服務器。我們很容易地爲非安全網站提供了代理,但現在我們遇到了使用Camel和Jetty連接到安全網站的問題。Apache Camel Keystore Jetty代理
org.apache.camel.CamelExchangeException: JettyClient failed cause by: General SSLEngine problem. Exchange[ID-jasonm-win7-53769-1497563726897-0-1]. Caused by: [javax.net.ssl.SSLHandshakeException - General SSLEngine problem]
at org.apache.camel.component.jetty9.JettyContentExchange9.doTaskCompleted(JettyContentExchange9.java:164)
at org.apache.camel.component.jetty9.JettyContentExchange9.onConnectionFailed(JettyContentExchange9.java:130)
at org.apache.camel.component.jetty9.JettyContentExchange9$1.onFailure(JettyContentExchange9.java:225)
at org.eclipse.jetty.client.RequestNotifier.notifyFailure(RequestNotifier.java:253)
at org.eclipse.jetty.client.RequestNotifier.notifyFailure(RequestNotifier.java:239)
at org.eclipse.jetty.client.HttpSender.abort(HttpSender.java:541)
at org.eclipse.jetty.client.HttpSender.anyToFailure(HttpSender.java:342)
at org.eclipse.jetty.client.HttpSender$CommitCallback.failed(HttpSender.java:706)
at org.eclipse.jetty.client.http.HttpSenderOverHTTP$HeadersCallback.failed(HttpSenderOverHTTP.java:280)
at org.eclipse.jetty.io.WriteFlusher$PendingState.fail(WriteFlusher.java:260)
at org.eclipse.jetty.io.WriteFlusher.onFail(WriteFlusher.java:482)
at org.eclipse.jetty.io.AbstractEndPoint.close(AbstractEndPoint.java:120)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.close(SslConnection.java:974)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:678)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:114)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:90)
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:115)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:202)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1364)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:529)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:807)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:775)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:525)
... 16 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1708)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:303)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:865)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:862)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1302)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:630)
... 16 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:281)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1356)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 29 more
經過審查,我們發現這是因爲我們沒有接受證書。所以,我們發現這個代碼在網上是發生在* .jks文件,並允許安全連接
private void configureSslForJetty()
{
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("c:\\Projects\\blah\\fakefilter.jks");
ksp.setPassword("123456");
KeyManagersParameters kmp = new KeyManagersParameters();
kmp.setKeyStore(ksp);
kmp.setKeyPassword("export-password");
SSLContextParameters scp = new SSLContextParameters();
scp.setKeyManagers(kmp);
JettyHttpComponent jettyComponent = getContext().getComponent("jetty", JettyHttpComponent.class);
jettyComponent.setSslContextParameters(scp);
}
private void configureSslForHttp4()
{
KeyStoreParameters trust_ksp = new KeyStoreParameters();
trust_ksp.setResource("c:\\Projects\\blah\\fakeca.jks");
trust_ksp.setPassword("123456");
TrustManagersParameters trustp = new TrustManagersParameters();
trustp.setKeyStore(trust_ksp);
SSLContextParameters scp = new SSLContextParameters();
scp.setTrustManagers(trustp);
HttpComponent httpComponent = getContext().getComponent("https4", HttpComponent.class);
httpComponent.setSslContextParameters(scp);
}
,我們沒有理解的問題是,我不知道在哪裏* .jks文件來自OR的密碼來自哪裏。這些信息在哪裏?有沒有我可以遵循的相對路徑來獲取* .jks文件?
谷歌更多關於Java SSL和證書。 JKS是Java Key Store。 –