我正在发送 https 请求。我已经添加了客户端证书并导入到jvm仍然无法执行请求,显示连接请求。
private static Registry<ConnectionSocketFactory> scheme = null;
static {
SSLConnectionSocketFactory socketFactory = null;
try {
System.setProperty("javax.net.debug", "all");
String KEYSTORE_LOCATION = "C:\\Users\\pritesha\\Desktop\\TS1_certs\\wwwin-ts1fin.cisco.com.jks";
FileInputStream is = new FileInputStream(new File(KEYSTORE_LOCATION));
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(is, "changeit".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
SSLContext ctx = SSLContext.getInstance("TLSv1");
ctx.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslFactory = ctx.getSocketFactory();
SSLContextBuilder sslContextBuilder = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore);
socketFactory = new SSLConnectionSocketFactory(sslContextBuilder.build());
} catch (KeyStoreException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (KeyManagementException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (NoSuchAlgorithmException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (CertificateException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (IOException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
}
scheme = RegistryBuilder.<ConnectionSocketFactory>create().register("https", socketFactory).build();
}
public static String connect() {
CloseableHttpClient httpclient = null;
try {
String URL = "https://wwwin-ts1fin.cisco.com/bpelpcicreatereceipt_client_ep";
String requestBody = "<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"http://xmlns.oracle.com/I2C/PrjPCIReceiptCreation/BPELPCICreateReceipt\"><SOAP-ENV:Header/><SOAP-ENV:Body>"
+ "<ns1:process><ns1:SourceSystem>CCW</ns1:SourceSystem> <ns1:PaymentId>" + 123
+ "</ns1:PaymentId> <ns1:Retry>No</ns1:Retry></ns1:process></SOAP-ENV:Body></SOAP-ENV:Envelope>";
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(scheme);
connectionManager.setMaxTotal(200);
connectionManager.setDefaultMaxPerRoute(20);
httpclient = HttpClients.custom().setConnectionManager(connectionManager).build();
HttpPost httpPost = new HttpPost(URL);
httpPost.setHeader("Content-Type", "text/xml");
httpPost.setEntity(new StringEntity(requestBody));
HttpResponse httpResponse = httpclient.execute(httpPost);
HttpEntity entity = httpResponse.getEntity();
if (entity != null) {
return EntityUtils.toString(entity);
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
这是我得到的完整堆栈跟踪:
[Raw read]: length = 5 0000: 15 03 03 00 02 ..... main, handling exception: java.net.SocketException: Connection reset main, SEND TLSv1 ALERT: fatal, description = unexpected_message main, WRITE: TLSv1 Alert, length = 2 main, Exception sending alert: java.net.SocketException: Connection reset by peer: socket write error main, called closeSocket()
最佳答案
首先,这是一个 TLS 警报,您需要更好地了解它是什么警报。安装wireshark并嗅探 session 。深入研究警报消息和wireshark解析器将更多地解释这个问题。
我怀疑您没有协商通用的密码套件。您选择了 tls v1,但 cicso 可能有更高的版本,因此您选择通过降级到 tls 1.0(即 ssl v3,毫不奇怪地被 cisco 拒绝)来不提供一组密码套件。
关于java - 无法发送显示 SocketException : Connection reset 的 post https 请求,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57374895/