您的位置: 首页  >  技术问答  >  无法为Java应用程序安装SSL证书

无法为Java应用程序安装SSL证书

分类: 技术问答 2022-07-11 20:59:51
问题描述:

有点类似于this问题中所述的情况。我也有一个特定链接的WSDL。当我打开该链接时,IE中出现There is a problem with this website's security certificate...错误。当我点击继续时,它打开了WSDL文件。无法为Java应用程序安装SSL证书

现在我正在为此web服务编写客户端程序。而它抛出以下异常:

Exception in thread "main" com.sun.xml.internal.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException. 

java.io.IOException: Got java.security.cert.CertificateException: No subject alternative names matching IP address 172.17.245.196 found while opening stream from https://172.17.245.196/ews/Services.wsdl 
java.io.IOException: Got java.security.cert.CertificateException: No subject alternative names matching IP address 172.17.245.196 found while opening stream from https://172.17.245.196/ews/Services.wsdl?wsdl 
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(Unknown Source) 
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(Unknown Source)  
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source) 
    at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source) 
    at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(Unknown Source) 
    at javax.xml.ws.Service.<init>(Unknown Source) 
    at com.microsoft.schemas.exchange.services._2006.messages.ExchangeWebService.<init>(ExchangeWebService.java:58) 
    at com.xyz.cms.EWSJavaAPI.ExchangeAuthenticator.getExchangeServicePort(ExchangeAuthenticator.java:32) 
    at com.xyz.cms.test.ExchangeDevelopmentTest.main(ExchangeDevelopmentTest.java:31)

所以我想这是关系到解决证书和自说线程上的家伙得到了类似的例外,我想出来的解决方案建议有 - 下载并添加证书到私人使用keytool.exe,但我真的不认为我已经完全了解这个证书的东西,也0123'。

所以我

  • 通过访问浏览器的链接下载证书,然后复制粘贴日食它的应用程序目录。
  • 此外我复制粘贴$JAVA_HOME/lib/security/cacerts到我的应用程序目录。所以现在我的应用层次结构在eclipse中看起来像这样: enter image description here
  • 然后打开命令提示符并导航到app目录。
  • 最后执行命令(如该线程中建议的那样)。它给了我以下输出。它给了我以下输出 enter image description here

但它给了我完全相同的例外。我该怎么办?

编辑

嗯,这是我的心血编写Java客户端Exchange Web服务。他们是ExchangeAuthenticator,用于管理对Exchange和ExchangeDevelopmentTest的Web服务身份验证请求,其中包含测试上述类功能的主要方法。一下面是代码:

ExchangeAuthenticator

public class ExchangeAuthenticator {  
/** 
* Obtains an authenticated ExchangeServicePortType with given credentials. 
*  
*/ 
    public ExchangeServicePortType getExchangeServicePort(String username, String password, String domain, URL wsdlURL) throws MalformedURLException { 
     // Concatinate our domain and username for the UID needed in authentication. 
     String uid = "domain" + "\\" + "uname"; 

     // Create an ExchangeWebService object that uses the supplied WSDL file, wsdlURL. 
     ExchangeWebService exchangeWebService = new ExchangeWebService(wsdlURL, new QName("<a href=\"http://schemas.microsoft.com/exchange/services/2006/messages\">http://schemas.microsoft.com/exchange/services/2006/messages</a>", "ExchangeWebService")); 
     ExchangeServicePortType port = exchangeWebService.getExchangeWebPort(); 
     // Supply your username and password when the ExchangeServicePortType is used for binding in the SOAP request. 
     ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, uid); 
     ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password); 

     return port; 
    } 
}

ExchangeDevelopmentTest

public class ExchangeDevelopmentTest {  
    public static void main (String[] args) { 
     ExchangeAuthenticator exchangeAuthenticator = new ExchangeAuthenticator(); 

     // Print statement so we can easily see where our statements start in the Java console. 
     System.out.println("Let's get started!"); 

     try { 
      // Create a URL object which points at the .wsdl we deployed in the previous step. 
      URL wsdlURL = new URL("https://172.17.245.196/ews/Services.wsdl"); 
      //URL wsdlURL = new URL("<a href=\"https://172.17.245.196/ews/Services.wsdl\">https://172.17.245.196/ews/Services.wsdl</a>"); 
      // Call to the class we just created to return an ExchangeServicePortType with authentication credentials. 
      ExchangeServicePortType port = exchangeAuthenticator.getExchangeServicePort("uname", "[email protected]", "domain", wsdlURL); 

      // Prints out the default toString() for the ExchangeServicePortType. 
      System.out.println(port.toString()); 
     } catch (MalformedURLException ex) { 
      // Catch any errors that may occur. 
      Logger.getLogger(ExchangeDevelopmentTest.class.getName()).log(Level.SEVERE, null, ex); 
      System.out.println(ex.getMessage()+"\n"+ex.getStackTrace()); 
     } 
    } 
}
+0

我认为你忘记告诉你的连接信任新的密钥库。张贴您用来获取wsdl的代码。 – tom

+0

ohkay等待一秒 – Mahesha999

+0

与[这里](http://stackoverflow.com/a/8444863/372643)完全相同的问题:这是服务器证书不正确(或者您应该使用它的名称,而不是它的IP地址)。 – Bruno

的问题是,你的证书不发出172.17.245.196 IP地址,因此使用的客户端解析WSDL不信任它。该IP地址应位于证书的主题字段中。

您的证书是官方认证机构信任的还是自签名的?可能你需要Java来信任它。将它添加到密钥库,然后设置系统属性:

System.setProperty("javax.net.ssl.keyStore", "lfkeystore2"); 
System.setProperty("javax.net.ssl.keyStorePassword", "wshr.ut");
+0

您的意思是在命令提示符下''keytool'输出'SubjectAlternativeName'应该有'172.17.245.196'? – Mahesha999

+0

是,而且类型为“IP地址”而不是“DNSName”。只有当您要使用带有IP地址的网址时才会这样。您当然可以使用现有DNS SAN的URL(当然,如果它解析为该IP地址)。 – Bruno

+0

ohkay但为什么它不在那里,我的意思是为什么它显示DNSName不是IP地址 - 以及应该怎么做才能得到它? - 我可能听起来很愚蠢 – Mahesha999

相关推荐