Java &引用;SunX509 TrustManagerFactory不可用“;在AIX上(SSL Web服务客户端)
JBoss 4.2.2容器中的Java组件尝试访问SSL Web服务,但出现异常(不重要,功能正常,从SSL Web服务检索响应) 操作系统:AIX 爪哇:Java &引用;SunX509 TrustManagerFactory不可用“;在AIX上(SSL Web服务客户端),java,web-services,ssl,aix,x509,Java,Web Services,Ssl,Aix,X509,JBoss 4.2.2容器中的Java组件尝试访问SSL Web服务,但出现异常(不重要,功能正常,从SSL Web服务检索响应) 操作系统:AIX 爪哇: > /usr/java6_64/bin/java -version java version "1.6.0" Java(TM) SE Runtime Environment (build pap6460sr9fp1-20110208_03(SR9 FP1)) IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9
> /usr/java6_64/bin/java -version
java version "1.6.0"
Java(TM) SE Runtime Environment (build pap6460sr9fp1-20110208_03(SR9 FP1))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 AIX ppc64-64 jvmap6460sr9-20110203_74623 (JIT enabled, AOT enabled)
J9VM - 20110203_074623
JIT - r9_20101028_17488ifx3
GC - 20101027_AA)
JCL - 20110203_01
代码:
连接是SOAPConnection
我得到以下日志输出:
2012-03-29 15:10:17,651 ERROR [org.jboss.remoting.transport.http.HTTPClientInvoker] (Thread-17) Error creating SSL Socket Factory for client invoker.
java.io.IOException: Error initializing socket factory SSL context: SunX509 TrustManagerFactory not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:230)
at javax.net.ssl.TrustManagerFactory.getInstance(TrustManagerFactory.java:11)
at org.jboss.remoting.security.SSLSocketBuilder.loadTrustManagers(SSLSocketBuilder.java:1407)
at org.jboss.remoting.security.SSLSocketBuilder.initializeSocketFactorySSLContext(SSLSocketBuilder.java:1326)
at org.jboss.remoting.security.SSLSocketBuilder.createCustomSocketFactory(SSLSocketBuilder.java:451)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:431)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:381)
at org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker.createSocketFactory(HTTPSClientInvoker.java:140)
at org.jboss.remoting.RemoteClientInvoker.<init>(RemoteClientInvoker.java:46)
at org.jboss.remoting.transport.http.HTTPClientInvoker.<init>(HTTPClientInvoker.java:105)
at org.jboss.remoting.transport.https.TransportClientFactory.createClientInvoker(TransportClientFactory.java:39)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.jboss.remoting.InvokerRegistry.loadClientInvoker(InvokerRegistry.java:419)
at org.jboss.remoting.InvokerRegistry.createClientInvoker(InvokerRegistry.java:320)
at org.jboss.remoting.Client.connect(Client.java:459)
at org.jboss.ws.core.client.RemotingConnectionImpl.createRemotingClient(RemotingConnectionImpl.java:247)
at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:165)
at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
at org.jboss.ws.core.soap.SOAPConnectionImpl.callInternal(SOAPConnectionImpl.java:106)
at org.jboss.ws.core.soap.SOAPConnectionImpl.call(SOAPConnectionImpl.java:66)
at xxx.yyy.fooservice.FooServiceImpl.foo(FooServiceImpl.java:103)
at xxx.yyy.fooservice.FooAsyncRunner.run(FooAsyncRunner.java:31)
at java.lang.Thread.run(Thread.java:736)
。。。在JBoss 4.2.2启动之前,我遇到了以下异常:
2012-03-28 12:10:13,424 ERROR [org.jboss.remoting.transport.http.HTTPClientInvoker] (Thread-13) Error creating SSL Socket Factory for client invoker.
java.io.IOException: Error initializing socket factory SSL context: Can not find truststore url.
at org.jboss.remoting.security.SSLSocketBuilder.initializeSocketFactorySSLContext(SSLSocketBuilder.java:1340)
at org.jboss.remoting.security.SSLSocketBuilder.createCustomSocketFactory(SSLSocketBuilder.java:451)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:431)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:381)
at org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker.createSocketFactory(HTTPSClientInvoker.java:140)
at org.jboss.remoting.RemoteClientInvoker.<init>(RemoteClientInvoker.java:46)
at org.jboss.remoting.transport.http.HTTPClientInvoker.<init>(HTTPClientInvoker.java:105)
at org.jboss.remoting.transport.https.TransportClientFactory.createClientInvoker(TransportClientFactory.java:39)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.jboss.remoting.InvokerRegistry.loadClientInvoker(InvokerRegistry.java:419)
at org.jboss.remoting.InvokerRegistry.createClientInvoker(InvokerRegistry.java:320)
at org.jboss.remoting.Client.connect(Client.java:459)
at org.jboss.ws.core.client.RemotingConnectionImpl.createRemotingClient(RemotingConnectionImpl.java:247)
at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:165)
at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
at org.jboss.ws.core.soap.SOAPConnectionImpl.callInternal(SOAPConnectionImpl.java:106)
at org.jboss.ws.core.soap.SOAPConnectionImpl.call(SOAPConnectionImpl.java:66)
at xxx.yyy.fooservice.FooServiceImpl.foo(FooServiceImpl.java:103)
at xxx.yyy.fooservice.FooAsyncRunner.run(FooAsyncRunner.java:31)
at java.lang.Thread.run(Thread.java:736)
2012-03-28 12:10:13424错误[org.jboss.remoting.transport.http.HTTPClientInvoker](线程-13)为客户端调用程序创建SSL套接字工厂时出错。
java.io.IOException:初始化套接字工厂SSL上下文时出错:找不到信任库url。
位于org.jboss.remoting.security.SSLSocketBuilder.initializeSocketFactorySSLContext(SSLSocketBuilder.java:1340)
位于org.jboss.remoting.security.SSLSocketBuilder.createCustomSocketFactory(SSLSocketBuilder.java:451)
位于org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:431)
位于org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:381)
位于org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker.createSocketFactory(HTTPSClientInvoker.java:140)
位于org.jboss.remoting.RemoteClientInvoker。(RemoteClientInvoker.java:46)
位于org.jboss.remoting.transport.http.HTTPClientInvoker(HTTPClientInvoker.java:105)
位于org.jboss.remoting.transport.https.TransportClientFactory.createClientInvoker(TransportClientFactory.java:39)
在sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法)处
位于sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
在sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)中
位于java.lang.reflect.Method.invoke(Method.java:611)
位于org.jboss.remoting.InvokerRegistry.loadClientInvoker(InvokerRegistry.java:419)
位于org.jboss.remoting.InvokerRegistry.createClientInvoker(InvokerRegistry.java:320)
位于org.jboss.remoting.Client.connect(Client.java:459)
位于org.jboss.ws.core.client.RemotingConnectionImpl.createRemotingClient(RemotingConnectionImpl.java:247)
位于org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:165)
位于org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
位于org.jboss.ws.core.soap.SOAPConnectionImpl.callInternal(SOAPConnectionImpl.java:106)
位于org.jboss.ws.core.soap.SOAPConnectionImpl.call(SOAPConnectionImpl.java:66)
位于xxx.yyy.fooservice.FooServiceImpl.foo(FooServiceImpl.java:103)
位于xxx.yyy.fooservice.fooancyrunner.run(fooancyrunner.java:31)
运行(Thread.java:736)
我该怎么做才能使这些异常消失?非常感谢您的帮助!提前感谢。对于IBM JVM,名称是IbmX509,而不是SunX509,这是JBoss使用的默认值,除非另有明确配置
有关详细信息,请参阅。搜索IbmX509。使用IBM JVM的名称,名称是IbmX509,而不是SunX509,这是JBoss使用的默认值,除非另有明确配置
有关详细信息,请参阅。搜索IbmX509。快速查看JBoss后,它尝试使用配置中的
org.JBoss.remoting.trustStoreAlgorithm
属性,返回到org.JBoss.remoting.keystrealGorithm
,然后返回到硬编码默认值SunX509
请注意,即使在Sun/Oracle JRE上,这也不是trust manager算法的默认值
我会将此作为bug/RFE报告给JBoss:它可能会退回到未设置任何内容时(这就是此方法的要点)
您可能必须在配置中明确设置其中一个属性,才能使用IBM的默认信任管理器算法,以防止它返回到这些硬编码的默认值。快速查看JBoss后,它尝试在配置中使用
org.JBoss.remoting.trustStoreAlgorithm
属性,返回到org.jboss.remoting.keystrealgorithm
,然后返回到硬编码默认值SunX509
请注意,即使在Sun/Oracle JRE上,这也不是trust manager算法的默认值
我会将此作为bug/RFE报告给JBoss:它可能会退回到未设置任何内容时(这就是此方法的要点)
您可能必须在配置中明确设置其中一个属性,才能使用IBM的默认信任管理器算法,以防止它返回到这些硬编码的默认值。是的,我怀疑其中的“Sun”指示出了什么问题。但是我的web服务代码根本没有指定关于HTTPS/SSL的任何内容,因此我非常好奇如何让系统在AIX上运行以用于更正类。我在$JAVA_HOME/jre/lib/security/JAVA.security中尝试了ssl.KeyManagerFactory.algorithm=IbmX509和ssl.TrustManagerFactory.algorithm=PKIX的各种设置,因此非常感谢提供某种特定的解决方案建议。我现在还尝试在server/default/jboss-service.xml()中指定配置,但没有任何运气。我怎样才能使这个错误消失?很抱歉没有注意到你对我答案的评论。我不知道为什么我没有这么做。是的,我怀疑里面的“太阳”暗示了什么是错的。但是我的web服务代码根本没有指定关于HTTPS/SSL的任何内容,因此我非常好奇如何让系统在AIX上运行以用于更正类。我在$JAVA_HOME/jre/lib/security/JAVA.security中尝试了ssl.KeyManagerFactory.algorithm=IbmX509和ssl.TrustManagerFactory.algorithm=PKIX的各种设置,因此非常感谢您提供某种特定的解决方案建议。我现在还尝试在server/default/jboss-service.xml()中指定配置,而不使用
export JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=$JAVA_HOME/jre/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=foo"
2012-03-28 12:10:13,424 ERROR [org.jboss.remoting.transport.http.HTTPClientInvoker] (Thread-13) Error creating SSL Socket Factory for client invoker.
java.io.IOException: Error initializing socket factory SSL context: Can not find truststore url.
at org.jboss.remoting.security.SSLSocketBuilder.initializeSocketFactorySSLContext(SSLSocketBuilder.java:1340)
at org.jboss.remoting.security.SSLSocketBuilder.createCustomSocketFactory(SSLSocketBuilder.java:451)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:431)
at org.jboss.remoting.security.SSLSocketBuilder.createSSLSocketFactory(SSLSocketBuilder.java:381)
at org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker.createSocketFactory(HTTPSClientInvoker.java:140)
at org.jboss.remoting.RemoteClientInvoker.<init>(RemoteClientInvoker.java:46)
at org.jboss.remoting.transport.http.HTTPClientInvoker.<init>(HTTPClientInvoker.java:105)
at org.jboss.remoting.transport.https.TransportClientFactory.createClientInvoker(TransportClientFactory.java:39)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.jboss.remoting.InvokerRegistry.loadClientInvoker(InvokerRegistry.java:419)
at org.jboss.remoting.InvokerRegistry.createClientInvoker(InvokerRegistry.java:320)
at org.jboss.remoting.Client.connect(Client.java:459)
at org.jboss.ws.core.client.RemotingConnectionImpl.createRemotingClient(RemotingConnectionImpl.java:247)
at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:165)
at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
at org.jboss.ws.core.soap.SOAPConnectionImpl.callInternal(SOAPConnectionImpl.java:106)
at org.jboss.ws.core.soap.SOAPConnectionImpl.call(SOAPConnectionImpl.java:66)
at xxx.yyy.fooservice.FooServiceImpl.foo(FooServiceImpl.java:103)
at xxx.yyy.fooservice.FooAsyncRunner.run(FooAsyncRunner.java:31)
at java.lang.Thread.run(Thread.java:736)