在 Java 上使用 https 连接到服务的 Jersey 错误 6
Jersey error to connect to service using https on Java 6
我是 运行 Wildfly 9 上的 REST 服务,使用 https 和使用此 的自签名证书。
为了绕过 ssl 验证,我使用了这个代码:
public static Client createIgnoreSSLClient() {
ClientConfig clientConfig = new ClientConfig();
clientConfig.connectorProvider(new HttpUrlConnectorProvider());
SSLContext sslcontext;
try {
sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, new TrustManager[]{new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
}}, new java.security.SecureRandom());
} catch (Exception e) {
throw new RuntimeException(e);
}
return ClientBuilder.newBuilder()
.sslContext(sslcontext)
.hostnameVerifier(createDummyHostnameVerifier())
.withConfig(clientConfig)
.build();
}
我正在使用 Jersey 2.6 来保持与 Java 6 的兼容性(某些应用程序在 Jboss 4 中是 运行)。
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-moxy</artifactId>
<version>2.6</version>
</dependency>
使用 Java 8 和 7 一切正常。使用 Java 6 我收到此错误:
21/07/2016 16:38:36 org.glassfish.jersey.client.ClientRequest writeEntity
SEVERE: Error while committing the request output stream.
javax.net.ssl.SSLException: Received fatal alert: unexpected_message
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1682)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:904)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at org.glassfish.jersey.client.HttpUrlConnector.getOutputStream(HttpUrlConnector.java:312)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:200)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:194)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commit(CommittingOutputStream.java:262)
at org.glassfish.jersey.message.internal.OutboundMessageContext.commitStream(OutboundMessageContext.java:812)
at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:543)
at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:671)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Exception in thread "main" javax.ws.rs.WebApplicationException: HTTP 500 Internal Server Error
at org.eclipse.persistence.jaxb.rs.MOXyJsonProvider.writeTo(MOXyJsonProvider.java:810)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.invokeWriteTo(WriterInterceptorExecutor.java:263)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.aroundWriteTo(WriterInterceptorExecutor.java:250)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:162)
at org.glassfish.jersey.message.internal.MessageBodyFactory.writeTo(MessageBodyFactory.java:1154)
at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:500)
at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:671)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Caused by: javax.xml.bind.MarshalException
编辑:我正在尝试通过测试客户端访问两个服务器 Jboss 7.1.1 和 Wildfly 9.0.2 来解决这个问题。
在 Jboss 7 中,我可以让客户端使用 https 将协议从 TLSv1 更改为 SSL:
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="ciac-ssl" key-alias="ciac-cert" password="123456" certificate-key-file="../standalone/configuration/ciac-cert.keystore" protocol="SSL"/>
</connector>
如何在 Wildfly 中更改此配置?
如果我理解正确,您在 Java 下运行的客户端应用程序中会得到 SSLException 6. 在此客户端中,您正尝试访问托管在 Wildfly 9 上的服务,该服务正在使用Java 7 或更高。这意味着服务器正在使用不同的安全机制。 I stumbled upon the same earlier 正如您所见,post 也没有结论。
如果您考虑一下,这很有意义,为什么开发人员可以创建使用过时且不安全的安全机制的服务?
最终我们决定进行 JDK 更新。您也可以尝试在 JDK7 下托管 JBoss 4。例如 here 您可以找到一些关于该主题的有趣文章。
我是 运行 Wildfly 9 上的 REST 服务,使用 https 和使用此
为了绕过 ssl 验证,我使用了这个代码:
public static Client createIgnoreSSLClient() {
ClientConfig clientConfig = new ClientConfig();
clientConfig.connectorProvider(new HttpUrlConnectorProvider());
SSLContext sslcontext;
try {
sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, new TrustManager[]{new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
}}, new java.security.SecureRandom());
} catch (Exception e) {
throw new RuntimeException(e);
}
return ClientBuilder.newBuilder()
.sslContext(sslcontext)
.hostnameVerifier(createDummyHostnameVerifier())
.withConfig(clientConfig)
.build();
}
我正在使用 Jersey 2.6 来保持与 Java 6 的兼容性(某些应用程序在 Jboss 4 中是 运行)。
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-moxy</artifactId>
<version>2.6</version>
</dependency>
使用 Java 8 和 7 一切正常。使用 Java 6 我收到此错误:
21/07/2016 16:38:36 org.glassfish.jersey.client.ClientRequest writeEntity
SEVERE: Error while committing the request output stream.
javax.net.ssl.SSLException: Received fatal alert: unexpected_message
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1682)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:904)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at org.glassfish.jersey.client.HttpUrlConnector.getOutputStream(HttpUrlConnector.java:312)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:200)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:194)
at org.glassfish.jersey.message.internal.CommittingOutputStream.commit(CommittingOutputStream.java:262)
at org.glassfish.jersey.message.internal.OutboundMessageContext.commitStream(OutboundMessageContext.java:812)
at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:543)
at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:671)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Exception in thread "main" javax.ws.rs.WebApplicationException: HTTP 500 Internal Server Error
at org.eclipse.persistence.jaxb.rs.MOXyJsonProvider.writeTo(MOXyJsonProvider.java:810)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.invokeWriteTo(WriterInterceptorExecutor.java:263)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.aroundWriteTo(WriterInterceptorExecutor.java:250)
at org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:162)
at org.glassfish.jersey.message.internal.MessageBodyFactory.writeTo(MessageBodyFactory.java:1154)
at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:500)
at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:671)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Caused by: javax.xml.bind.MarshalException
编辑:我正在尝试通过测试客户端访问两个服务器 Jboss 7.1.1 和 Wildfly 9.0.2 来解决这个问题。
在 Jboss 7 中,我可以让客户端使用 https 将协议从 TLSv1 更改为 SSL:
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="ciac-ssl" key-alias="ciac-cert" password="123456" certificate-key-file="../standalone/configuration/ciac-cert.keystore" protocol="SSL"/>
</connector>
如何在 Wildfly 中更改此配置?
如果我理解正确,您在 Java 下运行的客户端应用程序中会得到 SSLException 6. 在此客户端中,您正尝试访问托管在 Wildfly 9 上的服务,该服务正在使用Java 7 或更高。这意味着服务器正在使用不同的安全机制。 I stumbled upon the same earlier 正如您所见,post 也没有结论。
如果您考虑一下,这很有意义,为什么开发人员可以创建使用过时且不安全的安全机制的服务?
最终我们决定进行 JDK 更新。您也可以尝试在 JDK7 下托管 JBoss 4。例如 here 您可以找到一些关于该主题的有趣文章。