我已经为部署在 ServiceMix 服务器上的 Web 服务打开了 SSL 客户端身份验证。我已经导入了客户端和服务器证书。我已经使用独立应用程序对其进行了测试,一切正常。但是当我尝试从部署在 Tomcat 上的应用程序调用此 Web 服务时,出现异常:
Caused by: java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:150)
at java.net.SocketInputStream.read(SocketInputStream.java:121)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:312)
at sun.security.ssl.InputRecord.read(InputRecord.java:350)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1689)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:972)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1083)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1002)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:282)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1916)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1871)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1934)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
... 107 more
当我未能使用客户端私钥指定 keyStore 时,我收到了来自独立 Java 应用程序的 recv failed 消息。然而,堆栈跟踪是其他的:
Exception in thread "main" com.sun.xml.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException.
java.net.SocketException: Software caused connection abort: recv failed
java.net.SocketException: Software caused connection abort: recv failed
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174)
at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
at javax.xml.ws.Service.<init>(Service.java:56)
在那种情况下,我没能阅读 WSDL。但是在 Tomcat 上,读取了 WSDL,但是当 CXF 尝试发送消息时抛出错误。
什么会导致 Tomcat 出现该错误?是证书问题吗?在这两种情况下,指向 trustStore 和 keyStore 的 Java 变量是相同的:
javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit
java : Java 版本“1.6.0_30” Java(TM) SE 运行时环境(build 1.6.0_30-b12) Java HotSpot(TM) 客户端 VM(build 20.5-b03,混合模式,共享)
Tomcat :6.0.26
最佳答案
甚至我以前也遇到过同样的错误。但是当我执行以下操作之一时,它不会发生
- 重新启动服务器。
- 重新生成证书。
尝试从服务器端设置所有这些变量,这意味着在 Tomcat 的
server.xml文件中:javax.net.ssl.keyStoreType=jks javax.net.ssl.trustStoreType=jks javax.net.ssl.keyStore=c:/cert/gen.keystore javax.net.ssl.trustStore=c:/cert/client.keystore javax.net.ssl.keyStorePassword=changeit javax.net.ssl.trustStorePassword=changeit
关于java - 使用 ClientAuth : recv failed on Tomcat, 在独立应用程序上工作的 WebService 调用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11471542/