java 带有自签名 SSL 证书的“SocketException:未实现未连接的套接字”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/116635/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
"SocketException: Unconnected sockets not implemented" with self-signed SSL certificate
提问by matt b
(I've asked the same question of the jmeter-user mailing list, but I wanted to try here as well - so at the least I can update this with the answer once I find it).
(我在 jmeter-user 邮件列表中问了同样的问题,但我也想在这里尝试 - 所以至少我可以在找到答案后更新它)。
I'm having trouble using JMeterto test a Tomcat webapp using a self-signed SSL cert. JMeter throws a SocketException with message Unconnected sockets not implemented. According to JMeter's docs, the application is designed and written to accept any certificate, self-signed or CA signed or whatever.
我在使用JMeter使用自签名 SSL 证书测试 Tomcat webapp 时遇到问题。JMeter 抛出一个带有 message 的 SocketException Unconnected sockets not implemented。根据 JMeter 的文档,该应用程序被设计和编写为接受任何证书,自签名或 CA 签名或其他任何证书。
Has anyone run into this specific exception before?
有没有人遇到过这个特定的异常?
I've attempted to export this certificate from the server and import it into my local keystore (with keytool -import -alias tomcat -file ), but the result is the same.
我试图从服务器导出此证书并将其导入我的本地密钥库(使用keytool -import -alias tomcat -file),但结果是一样的。
I've also tried setting javax.net.debug=all as a JVM arg (the JSSE reference guidelists this as a debugging step); however, I don't see any debugging output anywhere - should I expect this somewhere other than standard out/error?
我还尝试将 javax.net.debug=all 设置为 JVM arg(JSSE 参考指南将此列为调试步骤);但是,我在任何地方都没有看到任何调试输出 - 除了标准输出/错误之外,我应该期待这个吗?
回答by Flow
Most javax.net.SocketFactoryimplementations define all createSocket()methods that have parametersas abstract. But have a createSocket()method without parameters that looks like this:
大多数javax.net.SocketFactory实现将所有具有参数的createSocket()方法定义为抽象的。但是有一个没有参数的方法,如下所示:createSocket()
public Socket createSocket() throws IOException {
throw new SocketException("Unconnected sockets not implemented");
}
So if you subclass the abstract javax.net.SocketFactoryyou will be force to override the methods with parameter, but it's easy to miss to override the createSocket()method without parameters. Thus the exception is thrown if your code calls createSocket(). Simply override the method and the be done. :)
因此,如果您对抽象进行子类化,javax.net.SocketFactory您将被迫覆盖带参数的方法,但很容易错过覆盖createSocket()不带参数的方法。因此,如果您的代码调用createSocket(). 只需覆盖该方法并完成即可。:)
回答by Dikla
I had the same problem in my code (not related to JMeter).
我的代码中有同样的问题(与 JMeter 无关)。
My code uses a self-defined SocketFactory. What I found out is that the class com.sun.jndi.ldap.Connectioncalls some methods of the SocketFactoryusing Method.invoke(). One of the methods it tries to call is createSocket()- without parameters.
我的代码使用自定义的SocketFactory. 我发现该类com.sun.jndi.ldap.Connection调用了SocketFactoryusing 的一些方法Method.invoke()。它尝试调用的方法之一是createSocket()- 不带参数。
When I added such method to my factory all worked fine.
当我将这种方法添加到我的工厂时,一切正常。
回答by Alexander
This is a hint rather than a proper answer: A cursory glance at Google results seems to suggest that the exception is usually caused by the code forcing the use of a default SSL socket factory that on purpose throws the exception when createSocket() is invoked on it. What some of the results seem to suggest is that the issue sometimes happens due to a bug in certain version in Java 6, or when the incorrect path or password is provided to the keystore.
这是一个提示而不是一个正确的答案:粗略浏览一下 Google 结果似乎表明异常通常是由强制使用默认 SSL 套接字工厂的代码引起的,该工厂在调用 createSocket() 时故意抛出异常它。一些结果似乎表明,该问题有时是由于 Java 6 中某些版本的错误,或者当提供给密钥库的路径或密码不正确时发生的。
So, I'd say, try using Java 5. Also, try pointing JMeter to a well-known site that uses proper SSL certificates. This way you could test the self-signed certificate hypothesis.
所以,我想说,尝试使用 Java 5。另外,尝试将 JMeter 指向使用正确 SSL 证书的知名站点。通过这种方式,您可以测试自签名证书假设。
回答by ScArcher2
I had Web Service problems similar to this with jdk 1.6.0_10.
我在 jdk 1.6.0_10 上遇到了与此类似的 Web 服务问题。
I upgraded to 1.6.0_16 and everything worked.
我升级到 1.6.0_16 并且一切正常。
回答by Suppressingfire
Try searching your classpath (in Eclipse, I do ctrl-shift-t to do this) for SSLSocketFactory*. If you find one, set it as a property on the Security class:
尝试搜索 SSLSocketFactory* 的类路径(在 Eclipse 中,我按 ctrl-shift-t 执行此操作)。如果找到,请将其设置为 Security 类的一个属性:
In my environment, I've found the following two:
在我的环境中,我发现了以下两个:
Security.setProperty("ssl.SocketFactory.provider", "com.ibm.jsse2.SSLSocketFactoryImpl");
or
或者
Security.setProperty("ssl.SocketFactory.provider", "com.ibm.websphere.ssl.protocol.SSLSocketFactory");
(or for whatever other class you find)
(或您找到的任何其他课程)
Similarly for ServerSocketFactory, if you need server sockets.
类似的ServerSocketFactory,如果您需要服务器套接字。
回答by hoangthienan
Here is my solution (java 1.6) removing TLS_DHE_ ciphers completely, force to override the methods createSocket()
这是我的解决方案 (java 1.6) 完全删除 TLS_DHE_ 密码,强制覆盖方法 createSocket()
(https://gist.github.com/hoangthienan/735afb17ffd6955de95a49aa0138dbaa)
( https://gist.github.com/hoangthienan/735afb17ffd6955de95a49aa0138dbaa)
