웹 서비스를 사용하기위한 SSL 연결

Question

웹 서비스에 대한 SSL 연결 설정에 대한 몇 가지 질문이 있습니다. 그래서 CXF의 도구 "WsdlToJava"로 자바 웹 서비스 프로젝트를 생성했습니다. 이제 SSL 프로토콜 액세스로 내 서버에서 호스팅되는 웹 서비스를 사용하지 않아도됩니다.

이 페이지를 따르려고하면 How to configure the HTTPConduit for the SOAP Client 몇 가지 SSL 문제가 발생합니다. 에 의해

URL wsdl = getClass().getResource("wsdl/greeting.wsdl"); 
SOAPService service = new SOAPService(wsdl, serviceName); 
Greeter greeter = service.getPort(portName, Greeter.class); 

: 나는이 부분을 대체

URL WSDL_LOC = new URL("https://myserver.com/ws/myWS?wsdl"); 
MyWS_Service myws_serv = new MyWS_Service(WSDL_LOC); 
MyWS mywebservice = myws_serv.getMyWSSOAP(); 

하지만 SSL 이유로,이 코드의 seconde 줄에 실패합니다. 이 튜토리얼에서는이 부분 이후에 SSL 연결이 설정되었으며, 일부 예제에서는 wsdl 파일을 가져 오지 못하기 때문에 문제가 없다고 생각합니다. 그러나 로컬에서 가져옵니다.

WSDL 파일을 가져 오기 전에 SSL 연결을 설정하려면 어떻게해야합니까? 당신에게

오류 메시지 감사합니다 :

Exception in thread "main" javax.xml.ws.WebServiceException: org.apache.cxf.service.factory.ServiceConstructionException: Failed to create service. 
    at org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:150) 
    at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:91) 
    at javax.xml.ws.Service.<init>(Service.java:92) 
    at com.myserver.MyWS_Service.<init>(MyWS_Service.java:37) 
    at tests.MyWSTest.main(MyWSTest.java:49) 
Caused by: org.apache.cxf.service.factory.ServiceConstructionException: Failed to create service. 
    at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:94) 
    at org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:204) 
    at org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:148) 
    ... 4 more 
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'https://myserver.com/ws/myWS?wsdl'.: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source) 
    at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) 
    at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) 
    at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:244) 
    at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:191) 
    at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:92) 
    ... 6 more 
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) 
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) 
    at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(Unknown Source) 
    at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(Unknown Source) 
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) 
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) 
    at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source) 
    at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(Unknown Source) 
    at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Unknown Source) 
    ... 12 more 
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source) 
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) 
    at sun.security.validator.Validator.validate(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) 
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) 
    ... 31 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) 
    at java.security.cert.CertPathBuilder.build(Unknown Source) 
    ... 37 more 

Answer 1

당신은 "https://myserver.com/"에 대한 인증서를 발급 한 서명 기관의 CA 인증서가 필요합니다. 가장 쉬운 방법은 웹 브라우저를 통해 "https://myserver.com/"인증서를받은 다음 CA 계층 구조를 확인하는 것입니다. 상위 인증서를 가져온 후 JKS 트러스트 스토어로 가져옵니다. 자바 프로그램을 실행하면 시스템 속성 "-Djavax.net.ssl.trustStore = yourtruststore.jks"로 전달됩니다.