我正在尝试使用带有 wsimport 目标的 jaxws-maven-plugin 创建 Web 服务客户端,带有这个 pom:
<plugin>
<groupId>org.jvnet.jax-ws-commons</groupId>
<artifactId>jaxws-maven-plugin</artifactId>
<version>2.2</version>
<executions>
<execution>
<goals>
<goal>wsimport</goal>
</goals>
</execution>
</executions>
<configuration>
<wsdlUrls>
<wsdlUrl>
https://test.test/WSTtest?wsdl
</wsdlUrl>
</wsdlUrls>
<verbose>true</verbose>
</configuration>
<dependencies>
<dependency>
<groupId>javax.xml</groupId>
<artifactId>webservices-api</artifactId>
<version>1.4</version>
</dependency>
</dependencies>
</plugin>
但是我得到了错误
[错误] java.security.cert.CertificateException:找不到与 IP 地址 93.92.169.114 匹配的主题备用名称
因为我需要证书。正如我在 SSL client certificate in Maven 阅读的那样我在我的 POM 中添加了与认证文件位置相关的属性:
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>properties-maven-plugin</artifactId>
<version>1.0-alpha-2</version>
<executions>
<execution>
<goals>
<goal>set-system-properties</goal>
</goals>
<configuration>
<properties>
<property>
<name>javax.net.ssl.trustStore</name>
<value>c:\certificate.crt</value>
</property>
</properties>
</configuration>
</execution>
</executions>
</plugin>
但现在我得到了其他错误:
[错误] java.security.NoSuchAlgorithmException:构建实现时出错(算法:默认,提供者:SunJSSE,类:sun.security.ssl.SSLContextImpl$DefaultSSLContext)
正如我在 Java Exception on SSLSocket creation 读到的那样似乎与认证文件的格式有关。我试图通过在 POM 中添加具有相同结果的属性来指示文件的类型。
<properties>
<property>
<name>javax.net.ssl.trustStoreType</name>
<value>JCEKS</value>
</property>
<property>
<name>javax.net.ssl.trustStore</name>
<value>c:\certificate.crt</value>
</property>
</properties>
知道如何解决这个问题吗?我做错了什么?这是指示证书文件位置的正确方法吗?
谢谢
最佳答案
那么,您可以尝试禁用所有 SSL 信任检查:
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.cert.X509Certificate;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;
public final class XTrustProvider extends java.security.Provider {
private final static String NAME = "XTrustJSSE";
private final static String INFO = "XTrust JSSE Provider (implements trust factory with truststore validation disabled)";
private final static double VERSION = 1.0D;
public XTrustProvider() {
super(NAME, VERSION, INFO);
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
put("TrustManagerFactory." + TrustManagerFactoryImpl.getAlgorithm(), TrustManagerFactoryImpl.class.getName());
return null;
}
});
}
public static void install() {
if(Security.getProvider(NAME) == null) {
Security.insertProviderAt(new XTrustProvider(), 2);
Security.setProperty("ssl.TrustManagerFactory.algorithm", TrustManagerFactoryImpl.getAlgorithm());
}
}
public final static class TrustManagerFactoryImpl extends TrustManagerFactorySpi {
public TrustManagerFactoryImpl() { }
public static String getAlgorithm() { return "XTrust509"; }
protected void engineInit(KeyStore keystore) throws KeyStoreException { }
protected void engineInit(ManagerFactoryParameters mgrparams) throws InvalidAlgorithmParameterException {
throw new InvalidAlgorithmParameterException( XTrustProvider.NAME + " does not use ManagerFactoryParameters");
}
protected TrustManager[] engineGetTrustManagers() {
return new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() { return null; }
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
}
};
}
}
}
只需调用 XTrustProvider.install(); 即可禁用所有证书检查。也许此解决方法也可以解决您的问题。但请记住,这只是一种解决方法。
关于java - 使用 Maven 的 Web 服务客户端 - SSL 证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24776378/