我有 javax.websocket 问题(使用 Eclipse IDE 和 Jetty 9 服务器)。 我写了 ClientEnpdoint(带有所有注释)。此代码适用于“ws://”,但我在尝试使用“wss://”时遇到问题。
我正在尝试使用 SSLContext,但不知道如何将 SSLContextFactory 添加到我的 session 或套接字容器中。
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URI;
import java.security.KeyStore;
import java.util.Date;
import java.text.SimpleDateFormat;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.websocket.*;
import javax.websocket.CloseReason.CloseCodes;
import javax.websocket.ClientEndpointConfig;
import javax.websocket.WebSocketContainer;
@ClientEndpoint
public class ScriptSocketJavax extends Thread{
final static Logger logger = LogManager.getLogger(ScriptSocketJavax.class);
public int checkWork;
private String type;
private String opertr;
private String client;
private Date date = new Date();
private SimpleDateFormat formatForDateNow = new SimpleDateFormat("MM/dd/yyyy");
private Session session;
private URI uri;
WebSocketContainer container;
ClientEndpointConfig endpointConfig;
public ScriptSocketJavax(String opertr, String client, String type) throws Exception{
this.checkWork = 0;
this.uri = URI.create("wss://*****"); //ws://****
this.type = type;
this.client = client;
this.opertr = opertr;
this.container = ContainerProvider.getWebSocketContainer();
this.container.setDefaultMaxTextMessageBufferSize(1024*1024);
this.container.setDefaultMaxBinaryMessageBufferSize(1024*1024);
try {
String STORETYPE = "JKS";
String KEYSTORE = "C:\\****";
String STOREPASSWORD = "123456";
String KEYPASSWORD = "123456";
KeyStore ks = KeyStore.getInstance(STORETYPE);
ks.load(new FileInputStream(KEYSTORE), STOREPASSWORD.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, KEYPASSWORD.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
SSLContext sslContext = null;
sslContext = SSLContext.getInstance( "TLS" );
sslContext.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );
sslContext.getSocketFactory();
SSLSocketFactory factory = sslContext.getSocketFactory();
this.session = this.container.connectToServer(this, this.uri); //obj, not class
或者我如何才能使所有连接都可信?
堆栈跟踪:
java.io.IOException: Connect failure
at org.eclipse.jetty.websocket.jsr356.ClientContainer.connect(ClientContainer.java:231)
at org.eclipse.jetty.websocket.jsr356.ClientContainer.connectToServer(ClientContainer.java:261)
at com.stepanov.utils.ScriptSocketJavax.<init>(ScriptSocketJavax.java:80)
...
at java.lang.Thread.run(Unknown Source)
Caused by: org.eclipse.jetty.websocket.api.UpgradeException: 0 null
...
at org.eclipse.jetty.websocket.client.WebSocketUpgradeRequest.onComplete(WebSocketUpgradeRequest.java:513)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
...
... 15 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 29 more
最佳答案
首先,您的 JAVA 应该信任 URI 的证书。要使其受 JAVA 信任,您需要将证书添加到 Java keystore 。
关于javax websocket客户端ssl连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49635357/