您的位置: 首页  >  技术问答  >  wso2密钥存储问题

wso2密钥存储问题

分类: 技术问答 2022-08-29 20:34:30
问题描述:

我正在使用wso2 sso version 5.3。我正在配置新的jks密钥来代替wso2carbon.jks并按照步骤操作。wso2密钥存储问题

  1. 使用自-signed证书和密钥复制到文件夹${carbon.home}/repository/resources/security/test2.jks 命令生成的密钥:- keytool -genkey -keyalg RSA -alias wso2carbon -keystore keystore.jks -validity 360

  2. 更新新carbon.xmltest2.jks文件。

    <KeyStore> 
    <!-- Keystore file location--> 
    <Location>${carbon.home}/repository/resources/security/test2.jks</Location> 
    <!-- Keystore type (JKS/PKCS12 etc.)--> 
    <Type>JKS</Type> 
    <!-- Keystore password--> 
    <Password>xxxxxx</Password> 
    <!-- Private Key alias--> 
    <KeyAlias>wso2carbon</KeyAlias> 
    <!-- Private Key password--> 
    <KeyPassword>xxxxxx</KeyPassword> 
</KeyStore>

错误消息:

异常当使用轴2库从Java调用。 “sun.security.provider.certpath.SunCertPathBuilderException:无法找到要求的目标的有效证书路径”。

代码段:

public static void main (String[] args) throws Exception { 

    final String SERVER_URL = "https://XXXXXXX:9443/services/"; 
    //setting jks key 
    System.setProperty("javax.net.ssl.trustStore", "test2.jks"); 
    System.setProperty("javax.net.ssl.trustStorePassword", "XXXXX"); 
    System.setProperty("javax.net.ssl.trustStoreType", "JKS"); 

    try{  
     String cookie = null; 
     AuthenticationAdminStub authstub = new AuthenticationAdminStub(SERVER_URL+"AuthenticationAdmin"); 

     // Authenticates as a user having rights to add users. 
     if (authstub.login(XXXXXX, XXXXXX, null)) { 
      cookie = (String) authstub._getServiceClient().getServiceContext().getProperty( 
        HTTPConstants.COOKIE_STRING); 
      System.out.println("cookie "+cookie); 
     } 
    } catch (Exception e) { 
     e.printStackTrace(); 
     System.exit(0); 
    } 
}

堆栈跟踪:

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source) 
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) 
    at sun.security.validator.Validator.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) 
    ... 42 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source) 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) 
    at java.security.cert.CertPathBuilder.build(Unknown Source) 
    ... 48 more

尝试设置绝对路径javax.net.ssl.trustStore

相关推荐