从 WebSphere 连接到受 SSL 证书保护的 WebService
我们有 WAS(Websphere Application Server)7 Web 服务,它是其他方 SSL 安全 Web 服务的某种代理。
当在 WAS 外部使用我们的 WebService(客户端)时(例如使用 eclipse),它将毫无问题地连接,但在 WAS 内部则不行。我还创建了测试服务,该服务使用函数打印其他方 WebService(服务器)wsdl。
public void testSSL() {
URL u;
InputStream is = null;
DataInputStream dis;
String s;
try {
System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
System.setProperty("javax.net.ssl.keyStore", "/home/..."); //path to jks certificate
System.setProperty("javax.net.ssl.keyStorePassword", "******");
System.setProperty("javax.net.ssl.requireClientAuth", "true");
u = new URL("https://...?WSDL");
is = u.openStream(); // throws an IOException
dis = new DataInputStream(new BufferedInputStream(is));
while ((s = dis.readLine()) != null) {
System.out.println(s);
}
} catch (MalformedURLException mue) {
System.out.println("Ouch - a MalformedURLException happened.");
mue.printStackTrace();
System.exit(1);
} catch (IOException ioe) {
System.out.println("Oops- an IOException happened.");
ioe.printStackTrace();
System.exit(1);
} finally {
try {
is.close();
} catch (IOException ioe) {
// just going to ignore this one
}
} // end of 'finally' clause
}
we have WAS (Websphere Application Server) 7 web service, that is somekind of proxy to other party SSL secured WebService.
When using our WebService (Client) outside WAS (for example using eclipse) it will connect with no problem, but not inside WAS. I have also created test service that is using function to print other party WebService (Server) wsdl.
public void testSSL() {
URL u;
InputStream is = null;
DataInputStream dis;
String s;
try {
System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
System.setProperty("javax.net.ssl.keyStore", "/home/..."); //path to jks certificate
System.setProperty("javax.net.ssl.keyStorePassword", "******");
System.setProperty("javax.net.ssl.requireClientAuth", "true");
u = new URL("https://...?WSDL");
is = u.openStream(); // throws an IOException
dis = new DataInputStream(new BufferedInputStream(is));
while ((s = dis.readLine()) != null) {
System.out.println(s);
}
} catch (MalformedURLException mue) {
System.out.println("Ouch - a MalformedURLException happened.");
mue.printStackTrace();
System.exit(1);
} catch (IOException ioe) {
System.out.println("Oops- an IOException happened.");
ioe.printStackTrace();
System.exit(1);
} finally {
try {
is.close();
} catch (IOException ioe) {
// just going to ignore this one
}
} // end of 'finally' clause
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您的问题可能是因为 Websphere 服务器不信任远程服务器的证书。如果您的本地测试是在 Windows 上进行的,它将使用与 Internet Explorer 使用的相同的密钥存储。
不要尝试使用 System.SetProperty() 在 Java 代码中配置密钥库,而是在 Websphere 管理控制台中的 Security > 下查看。 SSL证书和密钥管理>>密钥库和证书
您的 Java 代码很可能被服务器自己的配置覆盖。
如果您发布了您遇到的例外情况,那么提供建议会更容易。
Your issue is probably because the certificate of the remote server is not trusted by the Websphere server. If your local testing is on Windows it will be using the same key store as Internet Explorer uses.
Rather than trying to configure the keystore in your Java code using System.SetProperty() take a look in the Websphere Admin Console under Security > SSL certificate and key management > Key stores and certificates
Its likely that your Java code kis being overridden by the servers own configuration.
If you post the Exceptions you're getting it will be easier to advise.