0
JDeveloper 11.1.2.3.0을 사용하여 WSO2 DSS에서 생성 된 웹 서비스 클라이언트와 프록시가 있습니다.HTTP 전송 오류 : WSO2가있는 javax.net.ssl.SSLHandshakeException DSS
내 데이터 서비스가 UsernameToken (기본 시나리오)으로 보호됩니다.
이 내 클라이언트 코드 : 나는 내 인증서를 생성 한 다음과 같은 방법으로
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:138)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:187)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)
at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)
at com.sun.xml.ws.client.Stub.process(Stub.java:272)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)
at $Proxy35.selectAllIAWSDLREGISTRATIONOperation(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.wsee.jaxws.spi.ClientInstanceInvocationHandler.invoke(ClientInstanceInvocationHandler.java:84)
at $Proxy36.selectAllIAWSDLREGISTRATIONOperation(Unknown Source)
at pmis.wsdl2.SecureSOAP11EndpointClient.main(SecureSOAP11EndpointClient.java:66)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1014)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:126)
... 20 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
... 32 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 38 more
:
keytool -genkey -alias wso2cert -keyalg RSA -keysize 1024 -keypass mypkpassword -keystore wso2keystore.jks -storepass mypkpassword
keytool -export -alias wso2cert -keystore wso2keystore.jks -storepass mypkpassword -file wso2cert.cer
keytool -import -alias wso2newcert -file wso2cert.cer -keystore client-truststore.jks -storepass wso2carbon
package pmis.wsdl2;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Generated;
import javax.xml.ws.BindingProvider;
import weblogic.security.SSL.TrustManager;
import weblogic.wsee.security.bst.ClientBSTCredentialProvider;
import weblogic.wsee.security.saml.SAMLTrustCredentialProvider;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import weblogic.wsee.security.util.CertUtils;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.provider.CredentialProvider;
// This source file is generated by Oracle tools.
// Contents may be subject to change.
// For reporting problems, use the following:
// Generated by Oracle JDeveloper 11g Release 2 11.1.2.3.0.6276
public class SecureSOAP11EndpointClient {
public static void main(String[] args) {
IAWSDLREGISTRATIONDataService iAWSDLREGISTRATIONDataService = new IAWSDLREGISTRATIONDataService();
IAWSDLREGISTRATIONDataServicePortType iAWSDLREGISTRATIONDataServicePortType =
iAWSDLREGISTRATIONDataService.getSecureSOAP11Endpoint();
String username = "admin";
String password = "admin";
String clientKeyStore = "d:/wso2keystore.jks";
String clientKeyStorePass = "mypkpassword";
String clientKeyAlias = "wso2cert";
String clientKeyPass = "mypkpassword";
String serverCertFile = "d:/wso2cert.cer";
List credProviders = new ArrayList();
//use x509 to secure wssc handshake
try {
X509Certificate serverCert = (X509Certificate)CertUtils.getCertificate(serverCertFile);
CredentialProvider cp =
new ClientBSTCredentialProvider(clientKeyStore, clientKeyStorePass, clientKeyAlias, clientKeyPass,
"JKS", serverCert);
credProviders.add(cp);
cp = new ClientUNTCredentialProvider(username.getBytes(), password.getBytes());
credProviders.add(cp);
Map<String, Object> rc = ((BindingProvider)iAWSDLREGISTRATIONDataServicePortType).getRequestContext();
rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
rc.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() {
public boolean certificateCallback(X509Certificate[] chain, int validateErr) {
return true;
}
});
iAWSDLREGISTRATIONDataServicePortType.selectAllIAWSDLREGISTRATIONOperation();
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
, 나는 다음과 같은 오류를 받고 있어요
제게 제안 해주세요, 어떻게 호출 할 수 있습니까? UsernameToken + SSL. 다른 단계가 필요합니까?
감사합니다, 에바
네, 이미 편집했습니다. 하지만 여전히 같은 오류가 발생합니다. SSL 내의 Java 클라이언트에서 보안 DSS를 호출하는 자습서를 제공해주십시오. –
클라이언트 키 저장소 및 서버 인증서 파일을 만드는 방법을 알려주십시오. 또한 서버 키 저장소로 가져 오는 방법은 무엇입니까? –
이 게시물을 확인하십시오. http://hasini-gunasinghe.blogspot.com/2011/12/installing-new-keystore-into-wso2.html – Ratha