HTTP传输错误:javax.net.ssl.SSLHandshakeException with WSO2 DSS
我使用JDeveloper 11.1.2.3.0从WSO2 DSS创建了一个Web服务客户端和代理 使用UsernameToken保护我的数据服务(基本场景) 这是我的客户代码:HTTP传输错误:javax.net.ssl.SSLHandshakeException with WSO2 DSS,wso2,wso2dss,Wso2,Wso2dss,我使用JDeveloper 11.1.2.3.0从WSO2 DSS创建了一个Web服务客户端和代理 使用UsernameToken保护我的数据服务(基本场景) 这是我的客户代码: package pmis.wsdl2; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.List; import java.util.Map; import javax.annotati
package pmis.wsdl2;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Generated;
import javax.xml.ws.BindingProvider;
import weblogic.security.SSL.TrustManager;
import weblogic.wsee.security.bst.ClientBSTCredentialProvider;
import weblogic.wsee.security.saml.SAMLTrustCredentialProvider;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import weblogic.wsee.security.util.CertUtils;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.provider.CredentialProvider;
// This source file is generated by Oracle tools.
// Contents may be subject to change.
// For reporting problems, use the following:
// Generated by Oracle JDeveloper 11g Release 2 11.1.2.3.0.6276
public class SecureSOAP11EndpointClient {
public static void main(String[] args) {
IAWSDLREGISTRATIONDataService iAWSDLREGISTRATIONDataService = new IAWSDLREGISTRATIONDataService();
IAWSDLREGISTRATIONDataServicePortType iAWSDLREGISTRATIONDataServicePortType =
iAWSDLREGISTRATIONDataService.getSecureSOAP11Endpoint();
String username = "admin";
String password = "admin";
String clientKeyStore = "d:/wso2keystore.jks";
String clientKeyStorePass = "mypkpassword";
String clientKeyAlias = "wso2cert";
String clientKeyPass = "mypkpassword";
String serverCertFile = "d:/wso2cert.cer";
List credProviders = new ArrayList();
//use x509 to secure wssc handshake
try {
X509Certificate serverCert = (X509Certificate)CertUtils.getCertificate(serverCertFile);
CredentialProvider cp =
new ClientBSTCredentialProvider(clientKeyStore, clientKeyStorePass, clientKeyAlias, clientKeyPass,
"JKS", serverCert);
credProviders.add(cp);
cp = new ClientUNTCredentialProvider(username.getBytes(), password.getBytes());
credProviders.add(cp);
Map<String, Object> rc = ((BindingProvider)iAWSDLREGISTRATIONDataServicePortType).getRequestContext();
rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
rc.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() {
public boolean certificateCallback(X509Certificate[] chain, int validateErr) {
return true;
}
});
iAWSDLREGISTRATIONDataServicePortType.selectAllIAWSDLREGISTRATIONOperation();
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
我已按以下方式创建了我的证书:
keytool -genkey -alias wso2cert -keyalg RSA -keysize 1024 -keypass mypkpassword -keystore wso2keystore.jks -storepass mypkpassword
keytool -export -alias wso2cert -keystore wso2keystore.jks -storepass mypkpassword -file wso2cert.cer
keytool -import -alias wso2newcert -file wso2cert.cer -keystore client-truststore.jks -storepass wso2carbon
请建议我,我如何调用?UsernameToken+SSL。
是否还需要其他步骤
问候,,
Eba导入新证书后,应编辑carbon.xml以指向密钥库路径
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
${carbon.home}/repository/resources/security/wso2carbon.jks
是的,我已经编辑过了。但我还是犯了同样的错误。请为我提供一些在SSL中从java客户端调用安全DSS的教程。请为我提供如何创建客户端密钥库和服务器证书文件。还有,如何导入到服务器密钥库?请查看本文。
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>