Java 尝试连接到 Web 套接字服务器时,不断收到 No X509TrustManager implementation available 错误
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38353944/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Keep getting No X509TrustManager implementation available error when trying to connect to web socket server
提问by jgr208
I have the following code for connecting to a web socket server in my java application using secure websockets.
我有以下代码用于使用安全 websockets 连接到我的 java 应用程序中的 web socket服务器。
private boolean openConnection(boolean tried) {
String sslFile =
ConfigMgr.getValue(Constants.SSL_CFG_NAME, "sslfile");
String sslPassword =
ConfigMgr.getValue(Constants.SSL_CFG_NAME, "sslpassword");
try {
System.setProperty("javax.net.ssl.trustStore",
//sslFile);
System.setProperty("javax.net.ssl.trustStorePassword", sslPassword);
System.out.println(System.getProperty("javax.net.ssl.trustStore"));
System.out.println(System.getProperty("javax.net.ssl.trustStorePassword"));
} catch (Exception e) {
if (!tried) {
logger.error("unable to get certificates", e);
}
return false;
}
try {
WebSocketContainer container = ContainerProvider
.getWebSocketContainer();
container.connectToServer(this, new URI(websocketServer));
} catch (Exception e) {
// only log error trying to connection to web application first
// time
if (!tried) {
logger.error("error while trying to connect daemon to websocket"
+ " server", e);
}
return false;
}
return true;
}
I can see from my print statements
我可以从我的打印报表中看到
System.setProperty("javax.net.ssl.trustStorePassword", sslPassword);
and
和
System.out.println(System.getProperty("javax.net.ssl.trustStore"));
That the correct password and certificate (a .cerin this case) with the contents
正确的密码和证书(.cer在本例中为 a)与内容
-----BEGIN CERTIFICATE-----
MIIDmTCCAoGgAwIBAgIEB/pKmDANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJV
UzELMAkGA1UECBMCUEExGDAWBgNVBAcTD0ZvcnQgV2FzaGluZ3RvbjEXMBUGA1UE
ChMOTWlrcm9zIFN5c3RlbXMxFzAVBgNVBAsTDk1pa3JvcyBTeXN0ZW1zMRUwEwYD
VQQDEwxKYXNvbiBSaWNsZXMwHhcNMTYwNjIyMTcwOTQ0WhcNMTYwOTIwMTcwOTQ0
WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExGDAWBgNVBAcTD0ZvcnQgV2Fz
aGluZ3RvbjEXMBUGA1UEChMOTWlrcm9zIFN5c3RlbXMxFzAVBgNVBAsTDk1pa3Jv
cyBTeXN0ZW1zMRUwEwYDVQQDEwxKYXNvbiBSaWNsZXMwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCsha/dfnWIibmtySZuE8H+3AOa8/QuARKsFgmZJmWZ
ZErjlzN6liUO1Q9pzYXoka69tiIOw0KDWwGAHCAK8mjNpdcs9XiYq3QMZjNAUhqP
rRU5oDn9jwCwQnpepBhH6uiMaBcvrMsvLTaD4HvwoVyMROEhIWywBYMdHk86gcGr
ALz+iMhE8017CAA2n/35fqwDjxeGxDgY3Ove/fTKoeA+ItKOwsYeFZUeej9omTz+
UcdXJ6fu312At/Sh7YZpgP3LsX+rMfdD9sHn80UTy46UoT5UNW0Me40+S47/oh4H
VeOeR5XpcBPHnqbAJAvPAqD/sF9xbvhESwfoSkMB26drAgMBAAGjITAfMB0GA1Ud
DgQWBBQ7YV0yIawkjCCp0crz52BGwMPHnzANBgkqhkiG9w0BAQsFAAOCAQEAdmwo
8ZXZMxKzyfolVKj2UQBzkeSies133nRns0jFbkzm8N4lNtcWiShfLtlTQAuUZNMl
JK7Eax+weLq7tNMZyBdLWse8E4oe8m3XY/Xe7oQGs2EzdlHVZk7JuDHU63mC33cz
xvoNutE+y1Zonce9WaxACuNNMuxyYTVg6yqz/psjYE2YOajc1MmXjI38FkfmQ1bL
ByeNEvnLT1IcQ0OmaSuk2ESj144y/EtkN9/GKFOTPjSRL3zIStNBytn7WNlFV/ch
qaF/eOJRQMlHDosX40IrkHHIoc/pbTKYmjoreC/+biMKc0gUk+EN/uBrcJrVRFnl
dXTNJe6/sNzvkTc/IA==
-----END CERTIFICATE-----
are being set correctly.
正在正确设置。
However when I run my code the following error gets printed when container.connectToServer(this, new URI(websocketServer));is ran
然而,当我我的代码运行时会打印下面的错误container.connectToServer(this, new URI(websocketServer));就是跑
javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:434) ~[tomcat7-websocket.jar:7.0.68]
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:184) ~[tomcat7-websocket.jar:7.0.68]
at
cored.web.CoreWebSocket.openConnection(CoreWebSocket.java:278) [cored.jar:3.0.10.160712122615]
at cored.web.CoreWebSocket.establishConnection(CoreWebSocket.java:1150) [cored.jar:3.0.10.160712122615]
at
cored.web.CoreWebSocket.access0(CoreWebSocket.java:85) [cored.jar:3.0.10.160712122615]
at
cored.web.CoreWebSocket.execute(CoreWebSocket.java:138) [cored.jar:3.0.10.160712122615]
at utils.AThread.run(AThread.java:51)
[utils.jar:3.0.10.160712122615]
Caused by: java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:511) ~[tomcat7-websocket.jar:7.0.68]
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:379) ~[tomcat7-websocket.jar:7.0.68]
... 6 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.SSLEngineImpl.writeAppRecord(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.SSLEngineImpl.wrap(Unknown Source) ~[?:1.8.0_92]
at javax.net.ssl.SSLEngine.wrap(Unknown Source) ~[?:1.8.0_92]
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:371) ~[tomcat7-websocket.jar:7.0.68]
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.run(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.run(Unknown Source) ~[?:1.8.0_92]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source) ~[?:1.8.0_92]
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:397) ~[tomcat7-websocket.jar:7.0.68]
Caused by: java.security.cert.CertificateException: No X509TrustManager implementation available
at sun.security.ssl.DummyX509TrustManager.checkServerTrusted(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.run(Unknown Source) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker.run(Unknown Source) ~[?:1.8.0_92]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_92]
at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source) ~[?:1.8.0_92]
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:397) ~[tomcat7-websocket.jar:7.0.68]
I know the .cerfile I am using is not corrupt since it is also being used on a tomcat webserver and has no problem.
我知道.cer我使用的文件没有损坏,因为它也在 tomcat 网络服务器上使用并且没有问题。
What may be causing this No X509TrustManager implementation availableerror?
什么可能导致此No X509TrustManager implementation available错误?
采纳答案by pedrofb
.cerfile is not a valid type for your truststore. You can use the system variable javax.net.ssl.trustStoreTypeto set the type. By default is set to JKS, you can also use PKCS12 for example.
.cer文件不是您的信任库的有效类型。您可以使用系统变量javax.net.ssl.trustStoreType来设置类型。默认设置为JKS,例如您也可以使用 PKCS12。
You have to create a JKS file and include the .cer file. Configure also the password for the trusttore
您必须创建一个 JKS 文件并包含 .cer 文件。还配置信任库的密码
System.setProperty("javax.net.ssl.trustStore", "path/to/truststore");
System.setProperty("javax.net.ssl.trustStorePassword", truststorepassword);
To import a .cer file into a JKS use
要将 .cer 文件导入 JKS 使用
keytool -importcert -file certificate.cer -keystore keystore.jks -alias "Alias"
