Java 使用 SSL 访问 Web 服务时出错
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2776149/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error accessing a Web Service with SSL
提问by Elie
I have a program that is supposed to send a file to a web service, which requires an SSL connection. I run the program as follows:
我有一个程序应该将文件发送到需要 SSL 连接的 Web 服务。我运行程序如下:
SET JAVA_HOME=C:\Program Files\Java\jre1.6.0_07
SET com.ibm.SSL.ConfigURL=ssl.client.props
"%JAVA_HOME%\bin\java" -cp ".;Test.jar" ca.mypackage.Main
This was works fine, but when I change the first line to
这很好用,但是当我将第一行更改为
SET JAVA_HOME=C:\Program Files\IBM\SDP\runtimes\base_v7\java\jre
I get the following error:
我收到以下错误:
com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:119)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:140)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:593)
at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:552)
at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:537)
at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:434)
at com.sun.xml.internal.ws.client.Stub.process(Stub.java:247)
at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:132)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:242)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:222)
at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:115)
at $Proxy26.fileSubmit(Unknown Source)
at com.testing.TestingSoapProxy.fileSubmit(TestingSoapProxy.java:81)
at ca.mypackage.Main.main(Main.java:63)
Caused by: java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
at javax.net.ssl.DefaultSSLSocketFactory.a(SSLSocketFactory.java:7)
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:1)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:110)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:14)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:902)
at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.java:86)
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:107)
... 14 more
Caused by: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
at javax.net.ssl.SSLJsseUtil.b(SSLJsseUtil.java:20)
at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:36)
at javax.net.ssl.HttpsURLConnection.getDefaultSSLSocketFactory(HttpsURLConnection.java:16)
at javax.net.ssl.HttpsURLConnection.<init>(HttpsURLConnection.java:36)
at com.ibm.net.ssl.www2.protocol.https.b.<init>(b.java:1)
at com.ibm.net.ssl.www2.protocol.https.Handler.openConnection(Handler.java:11)
at java.net.URL.openConnection(URL.java:995)
at com.sun.xml.internal.ws.api.EndpointAddress.openConnection(EndpointAddress.java:206)
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.createHttpConnection(HttpClientTransport.java:277)
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:103)
... 14 more
So it seems that this problem would be related to the JRE I'm using, but what doesn't seem to make sense is that the non-IBM JRE works fine, but the IBM JRE does not. Any ideas, or suggestions?
所以这个问题似乎与我正在使用的 JRE 相关,但似乎没有意义的是非 IBM JRE 工作正常,但 IBM JRE 没有。有什么想法或建议吗?
采纳答案by Fazal
If your non IBM jre is sun, then it already comes with SSL classes implementation packaged along with it.
如果您的非 IBM jre 是 sun,那么它已经附带了与它一起打包的 SSL 类实现。
It seems the IBM jre is not containing SSL implementation classes at all.
似乎 IBM jre 根本不包含 SSL 实现类。
回答by Jeff Olson
Try adding these two lines somewhere in your setup code:
尝试在设置代码的某处添加这两行:
Security.setProperty("ssl.SocketFactory.provider", "com.ibm.jsse2.SSLSocketFactoryImpl");
Security.setProperty("ssl.ServerSocketFactory.provider", "com.ibm.jsse2.SSLServerSocketFactoryImpl");
回答by Ashish
one may set these properties at WAS_HOME/*/java/jre/lib/security/java.security file by uncomenting the following JSSE props.
可以通过取消注释以下 JSSE 道具在 WAS_HOME/*/java/jre/lib/security/java.security 文件中设置这些属性。
Default JSSE socket factories
默认 JSSE 套接字工厂
ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl
ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl
回答by Anil
Java only allows one SSL connection factory class for a JVM. If you are using a JDK thats shipped with WebSphere Application Server v6x/7x/8x or any other WebSphere server tools in Rational Application Developer, then those require IBM ( com.ibm.websphere.ssl.protocol.SSLSocketFactory ) specific class from WebSphere Application Server runtime. because the java security file has the JSSE socket factories set like below
Java 只允许一个 JVM 使用一个 SSL 连接工厂类。如果您在 Rational Application Developer 中使用 WebSphere Application Server v6x/7x/8x 或任何其他 WebSphere 服务器工具附带的 JDK,那么这些需要来自 WebSphere Application 的 IBM ( com.ibm.websphere.ssl.protocol.SSLSocketFactory ) 特定类服务器运行时。因为 java 安全文件具有如下设置的 JSSE 套接字工厂
# Default JSSE socket factories
#ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl
#ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl
# WebSphere socket factories (in cryptosf.jar)
ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory
ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactory
So, If you uncomment the Default JSSE Socket factories and comment out the WebSphere ones then WAS is going to puke.
因此,如果您取消对默认 JSSE 套接字工厂的注释并注释掉 WebSphere 工厂,那么 WAS 就会呕吐。
Better work around would be to have com.ibm.ws.security.crypto.jar file in your class path. This jar file has a dependency on com.ibm.ffdc.jar file so you need that in your class path well. Both these jarfiles are available under <WebSphere_Install_Dirctory>/plugins/
更好的解决方法是在类路径中包含 com.ibm.ws.security.crypto.jar 文件。此 jar 文件依赖于 com.ibm.ffdc.jar 文件,因此您在类路径中需要它。这两个 jarfiles 都可以在<WebSphere_Install_Dirctory>/plugins/
回答by peater
One more "solution" which seems to be working for me. Create your own security properties file, my.java.securitywith contents like:
另一种似乎对我有用的“解决方案”。创建您自己的安全属性文件,my.java.security内容如下:
ssl.SocketFactory.provider=
ssl.ServerSocketFactory.provider=
When calling Java (or in my case maven), add the command line option:
在调用 Java(或在我的情况下是 maven)时,添加命令行选项:
-Djava.security.properties=C:\myfiles\my.java.security
Cribbed from the IBM Liberty documentation: http://www-01.ibm.com/support/knowledgecenter/was_beta_liberty/com.ibm.websphere.wlp.nd.multiplatform.doc/ae/rwlp_trouble.html?lang=en
摘自 IBM Liberty 文档:http://www-01.ibm.com/support/knowledgecenter/was_beta_liberty/com.ibm.websphere.wlp.nd.multiplatform.doc/ae/rwlp_trouble.html?lang=en
回答by JStefan
Found this topic while searching for the same error message but found a different solution. To test a https REST service using the Apache Wink client:
在搜索相同的错误消息时发现了此主题,但找到了不同的解决方案。要使用 Apache Wink 客户端测试 https REST 服务:
ClientConfig config = new ClientConfig();
config.setBypassHostnameVerification(true);
RestClient client = new RestClient(config);
And set the Factory's empty:
并将工厂设置为空:
Security.setProperty("ssl.SocketFactory.provider", "");
Security.setProperty("ssl.ServerSocketFactory.provider", "");
My runtime is a standalone Camel test using IBM JRE 1.7 from IBM WebSphere v8.5.5.
我的运行时是使用 IBM WebSphere v8.5.5 中的 IBM JRE 1.7 的独立 Camel 测试。
回答by Ghulam Mohammed Taher
I had a similar issue when my Batch application was trying to fetch data from Restful web service using Apache wink. I was using MyEclipse as my dev environment. And was using the jre provided by IBM webSphere 8.5. When I changed to Sun 1.6 jre, the issue got resolved.
当我的 Batch 应用程序尝试使用 Apache wink 从 Restful Web 服务获取数据时,我遇到了类似的问题。我使用 MyEclipse 作为我的开发环境。并且使用了 IBM webSphere 8.5 提供的 jre。当我更改为 Sun 1.6 jre 时,问题得到了解决。
