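【Posted】: 2016-06-17 07:52:58
【Question】:
I am writing a JAX-WS client in Java. Access to the WebService is protected by a client certificate. I know the client certificate is correct, because I can only fetch the WSDL in Firefox when the client certificate has been imported (into Firefox).
But I am having problems writing the Java application that should use the WebService. What I do is: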
    MyOwnService svc = new MyOwnService(getServerURL(), MYOWNSERVICE_QNAME);
    ...
    ...
    private URL getServerURL() throws IOException {
        URL url = new URL((String) cfg.get(ConfigData.SERVER_URL));
        HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
        try {
            con.setSSLSocketFactory(getFactory(new File("/etc/pki/wildfly/client.keystore"), "123456"));
        } catch (Exception exc) {
            throw new IOException("Client certificate error!", exc);
        }
        return url;
    }

    private SSLSocketFactory getFactory(File pKeyFile, String pKeyPassword)
            throws ... {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream keyInput = new FileInputStream(pKeyFile);
        keyStore.load(keyInput, pKeyPassword.toCharArray());
        keyInput.close();
        keyManagerFactory.init(keyStore, pKeyPassword.toCharArray());
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
        return context.getSocketFactory();
    }
But this does not work. If I run it, I get the following exception in the MyOwnService constructor:
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty.
How do I correctly implement a JAX-WS client that supports client authentication?
【Comments】:
Tags: java web-services soap jax-ws client-certificates