加入收藏 | 设为首页 | 会员中心 | 我要投稿 李大同 (https://www.lidatong.com.cn/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 综合聚焦 > 资源网站 > 资源 > 正文

web-services – java webservice客户端中的握手异常

发布时间:2020-12-14 18:27:43 所属栏目:资源 来源:网络整理
导读:我正在尝试为安全的https连接实现webclient.我导入了服务器证书并将其添加到 java密钥库.但是当我尝试运行客户端时,我得到以下例外: – Oct 18,2013 3:25:25 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for {ht
我正在尝试为安全的https连接实现webclient.我导入了服务器证书并将其添加到 java密钥库.但是当我尝试运行客户端时,我得到以下例外: – 
Oct 18,2013 3:25:25 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for 

{http://tempuri.org/}Service#{http://tempuri.org/}GetUserInformation has thrown exception,unwinding now org.apache.cxf.interceptor.Fault: Could not send Message.
    at 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
    at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
    at $Proxy29.getUserInformation(Unknown Source)
    at 
org.tempuri.ServiceSoap_ServiceSoap_Client.main(ServiceSoap_ServiceSoap_Client.java:78)
Caused by: java.io.IOException: IOException invoking 
myurl/**/**/asmx: The https URL hostname does not 
match the Common Name (CN) on the server certificate in the client's truststore.  Make sure 
server certificate is correct,or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1338)
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1322)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
    at 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    ... 9 more
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) 
on the server certificate in the client's truststore.  Make sure server certificate is 
correct,or to disable this check (NOT recommended for production) set the CXF client TLS 
configuration property "disableCNCheck" to true.
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1241)   at 
org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
    at 
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
    at 
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1295)
    ... 12 more
Exception in thread "main" javax.xml.ws.WebServiceException: Could not send Message.
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
    at $Proxy29.getUserInformation(Unknown Source)
    at 
org.tempuri.ServiceSoap_ServiceSoap_Client.main(ServiceSoap_ServiceSoap_Client.java:78)
Caused by: java.io.IOException: IOException invoking 
myurl/**/**/asmx: The https URL hostname does not 

match the Common Name (CN) on the server certificate in the client's truststore.  Make sure 

server certificate is correct,or to disable this check (NOT recommended for production) set 

the CXF client TLS configuration property "disableCNCheck" to true.
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1338)
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1322)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
    at 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
    ... 2 more
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) 
on the server certificate in the client's truststore.  Make sure server certificate is 
correct,or to disable this check (NOT recommended for production) set the CXF client TLS 
configuration property "disableCNCheck" to true.
    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1241)
    at 
org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
    at 
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
    at 
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)    at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1295)

有人可以帮我弄这个吗.提前致谢…

解决方法

根据您必须选择的CXF客户端的类型.如果您具有基于Spring的客户端配置,则必须向http:conduit配置添加属性: 
<http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
    <http:tlsClientParameters disableCNCheck="true">
       <!-- other tls configuration parameters,like trustManagers -->
    </http:tlsClientParameters>
</http:conduit>

name必须匹配WSDL中的命名空间和端口名称.

如果您使用programmaticaly创建客户端,请使用以下代码:

HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();

TLSClientParameters tlsCP = new TLSClientParameters();
// other TLS/SSL configuration like setting up TrustManagers
tlsCP.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsCP);

其中port是您调用的实际客户端代理.

这两个选项都可以在CXF example that I modified here中找到

BTW.在生产环境中使用此属性存在真正的威胁,因此请考虑为生产服务器发布具有正确CN的新证书,而不是依赖于此hack.

(编辑:李大同)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
    相关内容
      推荐文章
        站长推荐
        热点阅读

          【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

          建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的最佳浏览效果

          Copygight © 2008-2022 https://www.lidatong.com.cn/ All Rights Reserved. 李大同