使用 wsimport 时出现安全异常
我想从 wsdl 文件生成存根文件,该文件可通过带有自签名证书的 ssl 连接访问。
<exec executable="wsimport">
<arg value="-d" />
<arg value="${absolute.path.to.project}/gen" />
<arg value="-s" />
<arg value="${absolute.path.to.project}/src" />
<arg value="https://host:8443/wsrf/services/WS?wsdl" />
</exec>
当我在 ant 中执行此操作时,出现此错误:
generate-from-wsdl:
[exec] parsing WSDL...
[exec] [ERROR] sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[exec] Failed to read the WSDL document: https://192.168.56.101:8443/wsrf/services/KnowledgebaseWebservice?wsdl, because 1) could not find the document; /2) the document could not be read; 3) the root element of the document is not <wsdl:definitions>.
[exec] [ERROR] failed.noservice=Could not find wsdl:service in the provided WSDL(s):
[exec] At least one WSDL with at least one service definition needs to be provided.
[exec] Failed to parse the WSDL.
[exec] Result: 1
为了避免这种情况,我尝试
- 使用
keytool -importcert -file ~/path/server.crt导入 server.crt 文件 - 复制 server.crt到 $JAVA_HOME/lib/security
UPDATE
我也尝试过以下操作:
<wsimport wsdl="https://host:8443/Webservice?wsdl" destdir="gen"
sourcedestdir="src"
verbose="true">
<jvmarg value="-Djavax.net.ssl.trustStore=/path/host.cer" />
<jvmarg value="-Djavax.net.ssl.trustStorePassword=changeit" />
</wsimport>
我仍然收到此错误。我能做什么?
I want to generate stub files from a wsdl file which is reachable over a ssl connection with a self-signed certificate.
<exec executable="wsimport">
<arg value="-d" />
<arg value="${absolute.path.to.project}/gen" />
<arg value="-s" />
<arg value="${absolute.path.to.project}/src" />
<arg value="https://host:8443/wsrf/services/WS?wsdl" />
</exec>
When I execute this in ant, I get this error:
generate-from-wsdl:
[exec] parsing WSDL...
[exec] [ERROR] sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[exec] Failed to read the WSDL document: https://192.168.56.101:8443/wsrf/services/KnowledgebaseWebservice?wsdl, because 1) could not find the document; /2) the document could not be read; 3) the root element of the document is not <wsdl:definitions>.
[exec] [ERROR] failed.noservice=Could not find wsdl:service in the provided WSDL(s):
[exec] At least one WSDL with at least one service definition needs to be provided.
[exec] Failed to parse the WSDL.
[exec] Result: 1
To avoid this, I tried to
- Import the server.crt file with
keytool -importcert -file ~/path/server.crt - Copying the server.crt to $JAVA_HOME/lib/security
UPDATE
I've also tried the following:
<wsimport wsdl="https://host:8443/Webservice?wsdl" destdir="gen"
sourcedestdir="src"
verbose="true">
<jvmarg value="-Djavax.net.ssl.trustStore=/path/host.cer" />
<jvmarg value="-Djavax.net.ssl.trustStorePassword=changeit" />
</wsimport>
I still get this error. What could I do?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我认为您需要通过指定
-keystore/jre/lib/security/cacerts 将服务器证书导入到 JRE 的密钥库中。如果您坚持使用以前的命令行,我认为您需要为执行 Ant 的同一用户执行该命令。I think you will need to import the server cert into the JRE's keystore by specifying
-keystore <path_to>/jre/lib/security/cacerts. If you stick with your previous command line, I think you'll need to execute that command for the same user who executes Ant.我无法将证书导入到我的 /jre/lib/security/cacerts。
所以我最终采用了以下解决方法:
I cannot import cert to my /jre/lib/security/cacerts.
So I ended up with the following workaround: