web-services – java webservice客户端中的握手异常

概述我正在尝试为安全的https连接实现webclient.我导入了服务器证书并将其添加到 java密钥库.但是当我尝试运行客户端时,我得到以下例外： – Oct 18, 2013 3:25:25 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for {http://tempu 我正在尝试为安全的https连接实现webclIEnt.我导入了服务器证书并将其添加到 java密钥库.但是当我尝试运行客户端时,我得到以下例外： –

Oct 18,2013 3:25:25 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for {http://tempuri.org/}Service#{http://tempuri.org/}GetUserinformation has thrown exception,unwinding Now org.apache.cxf.interceptor.Fault: Could not send Message.    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)    at org.apache.cxf.endpoint.ClIEntImpl.doInvoke(ClIEntImpl.java:565)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:474)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:377)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:330)    at org.apache.cxf.frontend.ClIEntProxy.invokeSync(ClIEntProxy.java:96)    at org.apache.cxf.jaxws.JaxWsClIEntProxy.invoke(JaxWsClIEntProxy.java:135)    at $Proxy29.getUserinformation(UnkNown Source)    at org.tempuri.ServiceSoap_ServiceSoap_ClIEnt.main(ServiceSoap_ServiceSoap_ClIEnt.java:78)Caused by: java.io.IOException: IOException invoking myurl/**/**/asmx: The https URL hostname does not match the Common name (CN) on the server certificate in the clIEnt's truststore.  Make sure server certificate is correct,or to disable this check (NOT recommended for production) set the CXF clIEnt TLS configuration property "disableCNCheck" to true.    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)    at sun.reflect.NativeConstructorAccessorImpl.newInstance(UnkNown Source)    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(UnkNown Source)    at java.lang.reflect.Constructor.newInstance(UnkNown Source)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.mapException(httpConduit.java:1338)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.close(httpConduit.java:1322)    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)    at org.apache.cxf.transport.http.httpConduit.close(httpConduit.java:627)    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)    ... 9 moreCaused by: java.io.IOException: The https URL hostname does not match the Common name (CN) on the server certificate in the clIEnt's truststore.  Make sure server certificate is correct,or to disable this check (NOT recommended for production) set the CXF clIEnt TLS configuration property "disableCNCheck" to true.    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.onFirstWrite(httpConduit.java:1241)   at org.apache.cxf.transport.http.URLConnectionhttpConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionhttpConduit.java:195)    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.close(httpConduit.java:1295)    ... 12 moreException in thread "main" javax.xml.ws.WebServiceException: Could not send Message.    at org.apache.cxf.jaxws.JaxWsClIEntProxy.invoke(JaxWsClIEntProxy.java:146)    at $Proxy29.getUserinformation(UnkNown Source)    at org.tempuri.ServiceSoap_ServiceSoap_ClIEnt.main(ServiceSoap_ServiceSoap_ClIEnt.java:78)Caused by: java.io.IOException: IOException invoking myurl/**/**/asmx: The https URL hostname does not match the Common name (CN) on the server certificate in the clIEnt's truststore.  Make sure server certificate is correct,or to disable this check (NOT recommended for production) set the CXF clIEnt TLS configuration property "disableCNCheck" to true.    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)    at sun.reflect.NativeConstructorAccessorImpl.newInstance(UnkNown Source)    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(UnkNown Source)    at java.lang.reflect.Constructor.newInstance(UnkNown Source)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.mapException(httpConduit.java:1338)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.close(httpConduit.java:1322)    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)    at org.apache.cxf.transport.http.httpConduit.close(httpConduit.java:627)    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)    at org.apache.cxf.endpoint.ClIEntImpl.doInvoke(ClIEntImpl.java:565)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:474)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:377)    at org.apache.cxf.endpoint.ClIEntImpl.invoke(ClIEntImpl.java:330)    at org.apache.cxf.frontend.ClIEntProxy.invokeSync(ClIEntProxy.java:96)    at org.apache.cxf.jaxws.JaxWsClIEntProxy.invoke(JaxWsClIEntProxy.java:135)    ... 2 moreCaused by: java.io.IOException: The https URL hostname does not match the Common name (CN) on the server certificate in the clIEnt's truststore.  Make sure server certificate is correct,or to disable this check (NOT recommended for production) set the CXF clIEnt TLS configuration property "disableCNCheck" to true.    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.onFirstWrite(httpConduit.java:1241)    at org.apache.cxf.transport.http.URLConnectionhttpConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionhttpConduit.java:195)    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)    at org.apache.cxf.transport.http.httpConduit$WrappedOutputStream.close(httpConduit.java:1295)

有人可以帮我弄这个吗.提前致谢…

解决方法 根据您必须选择的CXF客户端的类型.如果您具有基于Spring的客户端配置,则必须向http：conduit配置添加属性：

<http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">    <http:tlsClIEntParameters disableCNCheck="true">       <!-- other tls configuration parameters,like trustManagers -->    </http:tlsClIEntParameters></http:conduit>

name必须匹配WSDL中的命名空间和端口名称.

如果您使用programmaticaly创建客户端,请使用以下代码：

httpConduit httpConduit = (httpConduit) ClIEntProxy.getClIEnt(port).getConduit();TLSClIEntParameters tlsCP = new TLSClIEntParameters();// other TLS/SSL configuration like setting up TrustManagerstlsCP.setdisableCNCheck(true);httpConduit.setTlsClIEntParameters(tlsCP);

其中port是您调用的实际客户端代理.

这两个选项都可以在CXF example that I modified here中找到

BTW.在生产环境中使用此属性存在真正的威胁,因此请考虑为生产服务器发布具有正确CN的新证书,而不是依赖于此Hack.

总结

以上是内存溢出为你收集整理的web-services – java webservice客户端中的握手异常全部内容，希望文章能够帮你解决web-services – java webservice客户端中的握手异常所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。