当我尝试在Weblogic中调用HTTPS服务时,出现了SSL握手失败的情况。我已经将服务器证书添加到Weblogic的信任存储-"cacerts"中。
在Weblogic启动脚本中添加信任存储的命令如下:
在Weblogic启动脚本中添加信任存储的命令如下:
JAVA_OPTIONS="-Dweblogic.security.SSL.trustedCAKeyStore="/weblogic92/server/lib/cacerts" ${JAVA_OPTIONS}"
导出JAVA_OPTIONS
我是否遗漏了其他内容 - 有没有解决此问题的指针?
使用SSLPoke.java在应用服务器框中测试ssl连接并且测试成功。
java -Djavax.net.ssl.trustStore=/weblogic92/server/lib/cacerts
-Djavax.net.ssl.trustStorePassword=changeit SSLPoke 192.16.2.6 8443
Weblogic服务器日志跟踪:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1628)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:230)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:224)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1027)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:120)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:574)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:510)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:888)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1117)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:629)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
keytool -v -list -keystore /weblogic92/server/lib/cacerts
命令时,你可以看到你的服务器吗?另外你也可以尝试使用-Djavax.net.ssl.trustStore=/weblogic92/server/lib/cacerts
。 - Display Name is missing