(这是在Windows计算机上运行jboss eap7.0)生成一个jax-ws客户端以连接到外部Web服务。jboss eap使用https的jax-ws客户端失败
它使用的https与url的https://smartpayform.com/api/transaction/transaction.asmx
我导出了站点证书并插入到我创建的密钥库中。我找不到如何直接配置JBoss(在standalone.xml或CLI)足够的细节,所以我 发现了一些Java代码证书添加到JAX-WS客户:
SSLContext sc = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream("C:\\Users\\amikaml\\.keystore"), certPassword.toCharArray());
kmf.init(ks, certPassword.toCharArray());
sc.init(kmf.getKeyManagers(), null, null);
binding.getRequestContext().put("com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory",sc.getSocketFactory());
运行代码,而不任何例外。当我执行SOAP调用时,我得到下面的错误。如果我尝试使用普通的旧的独立Java应用程序访问EAP以外的Web服务,它可以正常工作。我究竟做错了什么?
Caused by: java.net.SocketException: Unrecognized Windows Sockets error: 0: recv failed
at java.net.SocketInputStream.socketRead0(Native Method) ~[?:1.8.0_111]
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) ~[?:1.8.0_111]
at java.net.SocketInputStream.read(SocketInputStream.java:170) ~[?:1.8.0_111]
at java.net.SocketInputStream.read(SocketInputStream.java:141) ~[?:1.8.0_111]
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) ~[?:?]
at sun.security.ssl.InputRecord.read(InputRecord.java:503) ~[?:?]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) ~[?:?]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:?]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:?]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:?]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:?]
Caused by: java.net.SocketException: Unrecognized Windows Sockets error: 0: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:170)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1316)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1291)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:236)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1319)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1279)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:267)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1332)
UPDATE 我在JBoss中打开完整的SSL调试日志记录。我看到了终点的加载证书:
Subject: CN=*.smartpayform.com, OU=Domain Control Validated
Issuer: CN=AlphaSSL CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0xc2d0a153e5915039e88cbf7
Valid from Mon Sep 05 12:33:58 EDT 2016 until Wed Sep 06 12:33:58 EDT 2017
,这里是插座错误的更完整的跟踪:
handling exception: java.net.SocketException: Unrecognized Windows Sockets error: 0: recv failed
SEND TLSv1.2 ALERT: fatal, description = unexpected_message
WRITE: TLSv1.2 Alert, length = 2
Exception sending alert: java.net.SocketException: Connection reset by peer: socket write error
called closeSocket()
called close()
called closeInternal(true)
下面的第一个三排从wireshark,显示不起作用的连接。您会注意到它正在使用SSL。第二组线是从soapui中运行相同的soap调用。你会看到它的客户端Hello有“TLSv1”。所以我猜这是问题,但不知道为什么。
都能跟得上。没有改变问题。 – OldProgrammer
看到这里 - https://stackoverflow.com/questions/45313201/tls1-2-support-in-jboss问题是一个jdk错误。 – OldProgrammer