Java Apache Camel keystore Jetty proxy


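I'm building an application for work and have run into a problem I don't know how to solve. We are creating a Camel Jetty proxy that is supposed to connect to an HTTPS website. We easily set up the proxy for non-secure sites, but now we are having problems connecting to a secure website using Camel and Jetty.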

org.apache.camel.CamelExchangeException: JettyClient failed cause by: General SSLEngine problem. Exchange[ID-jasonm-win7-53769-1497563726897-0-1]. Caused by: [javax.net.ssl.SSLHandshakeException - General SSLEngine problem]
    at org.apache.camel.component.jetty9.JettyContentExchange9.doTaskCompleted(JettyContentExchange9.java:164)
    at org.apache.camel.component.jetty9.JettyContentExchange9.onConnectionFailed(JettyContentExchange9.java:130)
    at org.apache.camel.component.jetty9.JettyContentExchange9$1.onFailure(JettyContentExchange9.java:225)
    at org.eclipse.jetty.client.RequestNotifier.notifyFailure(RequestNotifier.java:253)
    at org.eclipse.jetty.client.RequestNotifier.notifyFailure(RequestNotifier.java:239)
    at org.eclipse.jetty.client.HttpSender.abort(HttpSender.java:541)
    at org.eclipse.jetty.client.HttpSender.anyToFailure(HttpSender.java:342)
    at org.eclipse.jetty.client.HttpSender$CommitCallback.failed(HttpSender.java:706)
    at org.eclipse.jetty.client.http.HttpSenderOverHTTP$HeadersCallback.failed(HttpSenderOverHTTP.java:280)
    at org.eclipse.jetty.io.WriteFlusher$PendingState.fail(WriteFlusher.java:260)
    at org.eclipse.jetty.io.WriteFlusher.onFail(WriteFlusher.java:482)
    at org.eclipse.jetty.io.AbstractEndPoint.close(AbstractEndPoint.java:120)
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.close(SslConnection.java:974)
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:678)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:114)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
    at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:90)
    at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:115)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
    at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:202)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
    at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
    at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1364)
    at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:529)
    at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:807)
    at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:775)
    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:525)
    ... 16 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1708)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:303)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:865)
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:862)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1302)
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:630)
    ... 16 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
    at sun.security.validator.Validator.validate(Validator.java:260)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:281)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1356)
    ... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
    ... 29 more
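On review, we found that this is because we are not accepting the certificate. So we found this code online, which takes a *.jks file and allows a secure connection: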

private void configureSslForJetty()
{
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource("c:\\Projects\\blah\\fakefilter.jks");
    ksp.setPassword("123456");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword("export-password");

    SSLContextParameters scp = new SSLContextParameters();
    scp.setKeyManagers(kmp);

    JettyHttpComponent jettyComponent = getContext().getComponent("jetty", JettyHttpComponent.class);
    jettyComponent.setSslContextParameters(scp);
}

private void configureSslForHttp4()
{
    KeyStoreParameters trust_ksp = new KeyStoreParameters();
    trust_ksp.setResource("c:\\Projects\\blah\\fakeca.jks");
    trust_ksp.setPassword("123456");

    TrustManagersParameters trustp = new TrustManagersParameters();
    trustp.setKeyStore(trust_ksp);

    SSLContextParameters scp = new SSLContextParameters();
    scp.setTrustManagers(trustp);

    HttpComponent httpComponent = getContext().getComponent("https4", HttpComponent.class);
    httpComponent.setSslContextParameters(scp);
}

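The problem we don't understand is that I don't know where the *.jks file comes from, or where the password comes from. Where is this information? Is there a relative path that would let me get the *.jks file?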

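By running Java's keytool, you can insert the certificate into Java's keystore, which will solve the problem of the certificate not being found. The keystore code is not needed.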


Google offers more information about Java SSL and certificates. JKS is the Java KeyStore.
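The keytool step mentioned in the answer, as an added example that is not part of the original posts: it shows that a `*.jks` trust store and its password are created by whoever runs `keytool -importcert`, rather than obtained from somewhere. The alias, file names and password are constructed placeholders, and a locally generated self-signed certificate stands in for the remote site's CA certificate.

```shell
#!/bin/sh
# Added example. Paths, aliases and the password are constructed placeholders.
set -e

# import_trusted_cert CERT_PEM STORE_FILE STORE_PASS ALIAS
# Adds one certificate as a trusted entry. keytool creates STORE_FILE if it
# does not exist, and STORE_PASS is whatever you choose at that moment.
import_trusted_cert() {
    keytool -importcert -noprompt -alias "$4" -file "$1" \
        -keystore "$2" -storetype JKS -storepass "$3" </dev/null >/dev/null 2>&1
}

# has_alias STORE_FILE STORE_PASS ALIAS
# Succeeds only if the store opens with that password and contains the alias.
has_alias() {
    keytool -list -alias "$3" -keystore "$1" -storepass "$2" \
        </dev/null >/dev/null 2>&1
}

demo() {
    dir=$(mktemp -d)
    pass='demo-pass-123'   # constructed; keytool requires at least 6 characters
    # Stand-in for the remote site's issuing CA: a locally generated
    # self-signed certificate, exported as PEM. In practice this file is the
    # CA certificate of the HTTPS site the proxy connects to.
    keytool -genkeypair -alias demo-ca -keyalg RSA -keysize 2048 -validity 30 \
        -dname "CN=Demo CA, O=Example" -keystore "$dir/ca.p12" \
        -storetype PKCS12 -storepass "$pass" -keypass "$pass" \
        </dev/null >/dev/null 2>&1
    keytool -exportcert -rfc -alias demo-ca -keystore "$dir/ca.p12" \
        -storepass "$pass" -file "$dir/ca.pem" </dev/null >/dev/null 2>&1

    # Before the import the trust store does not exist, so the lookup fails.
    if has_alias "$dir/trust.jks" "$pass" remote-site-ca; then before=yes; else before=no; fi
    import_trusted_cert "$dir/ca.pem" "$dir/trust.jks" "$pass" remote-site-ca
    if has_alias "$dir/trust.jks" "$pass" remote-site-ca; then after=yes; else after=no; fi
    rm -rf "$dir"
    echo "before=$before after=$after"
}

if command -v keytool >/dev/null 2>&1; then
    demo
else
    echo "keytool not found on PATH (it ships with the JDK)" >&2
fi
```

The store file and password produced this way are the values that `setResource` and `setPassword` expect on the `KeyStoreParameters` passed to `TrustManagersParameters`, as in `configureSslForHttp4()` above. Importing the same certificate into the JVM's default trust store instead makes that code unnecessary, which is what the answer describes.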