我正在使用入站 https 端点在 mule 中开发一个 REST Web 服务。我已经使用 tls-key-store 和 tls-server 配置了 https 连接器。(已使用 keytool 生成了相同的内容)。
下面是配置文件:
<https:connector name="httpsConnector" doc:name="HTTP\HTTPS" validateConnections="true">
<https:tls-key-store path="keystore.jks" keyPassword="welcome" storePassword="welcome"/>
<https:tls-server path="truststore.jks" storePassword="welcome"/>
</https:connector>
<flow name="RESTFlow1" doc:name="RESTFlow1">
<https:inbound-endpoint exchange-pattern="request-response" host="0.0.0.0" port="8082" connector-ref="httpsConnector" doc:name="HTTPS"/>
<jersey:resources doc:name="REST">
<component class="com.thinxtream.rest.restWebservices"/>
</jersey:resources>
</flow>
客户端是一个连接到此 mule Rest Web 服务的 Flex 应用程序,它给出以下错误:
httpsConnector.receiver.02] org.mule.exception.DefaultSystemExceptionStrategy: Caught exception in Exception Strategy: Received fatal alert: bad_certificate
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78)
at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106)
at org.mule.transport.http.HttpServerConnection.readLine(HttpServerConnection.java:219)
at org.mule.transport.http.HttpServerConnection.readRequest(HttpServerConnection.java:185)
at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:155)
at org.mule.work.WorkerContext.run(WorkerContext.java:311)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Flex 应用程序上也有任何配置吗?
最佳答案
如果您自己创建了服务器端证书,那么它可能是自签名的或使用您自己的 CA 证书签名的。客户端需要信任签名证书或服务器证书本身。为此,您需要将服务器证书(链)导入客户端使用的信任库中。
关于java - mule https 入站端点,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20718707/