2,633
社区成员
发帖
与我相关
我的任务
分享跪求No trusted certificate found解决方案
调用交通银行支付接口查询
String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D";
===========================简化后的相关代码==================
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
HttpURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
in = connection.getInputStream();
in.read(,,,,);
===============================================================
以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。
部署到生产环境(Ibm JDK1.5 + WebSpere),报异常
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
at com.ibm.jsse2.n.a(n.java:17)
at com.ibm.jsse2.jc.a(jc.java:541)
at com.ibm.jsse2.db.a(db.java:403)
at com.ibm.jsse2.db.a(db.java:278)
at com.ibm.jsse2.eb.a(eb.java:137)
at com.ibm.jsse2.eb.a(eb.java:157)
at com.ibm.jsse2.db.m(db.java:243)
at com.ibm.jsse2.db.a(db.java:280)
at com.ibm.jsse2.jc.a(jc.java:104)
at com.ibm.jsse2.jc.g(jc.java:470)
at com.ibm.jsse2.jc.a(jc.java:284)
at com.ibm.jsse2.jc.startHandshake(jc.java:172)
at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65)
at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942)
at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895)
at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585)
at java.net.URLConnection.getContentLength(URLConnection.java:480)
at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28)
String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D";
===========================简化后的相关代码==================
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
HttpURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
in = connection.getInputStream();
in.read(,,,,);
===============================================================
以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。
部署到生产环境(Ibm JDK1.5 + WebSpere),报异常
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
at com.ibm.jsse2.n.a(n.java:17)
at com.ibm.jsse2.jc.a(jc.java:541)
at com.ibm.jsse2.db.a(db.java:403)
at com.ibm.jsse2.db.a(db.java:278)
at com.ibm.jsse2.eb.a(eb.java:137)
at com.ibm.jsse2.eb.a(eb.java:157)
at com.ibm.jsse2.db.m(db.java:243)
at com.ibm.jsse2.db.a(db.java:280)
at com.ibm.jsse2.jc.a(jc.java:104)
at com.ibm.jsse2.jc.g(jc.java:470)
at com.ibm.jsse2.jc.a(jc.java:284)
at com.ibm.jsse2.jc.startHandshake(jc.java:172)
at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65)
at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942)
at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895)
at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585)
at java.net.URLConnection.getContentLength(URLConnection.java:480)
at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28)
...全文
请发表友善的回复…
发表回复
Sky20 2010-01-13
- 打赏
- 举报
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
RiboseYim 2009-12-16
- 打赏
- 举报
我的解决方案,但是对其中原理不是很明白,请大家讨论
我主要是参考了sun.com上的一篇帖子,路径一时没找到,以后贴出。
新写一个方法,如下:
public static void trustAllHttpsCertificates() {
// Create a trust manager that does not validate certificate chains:
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new MyTrustManager();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext context;
try {
context = javax.net.ssl.SSLContext.getInstance("SSL");
context.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context
.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
System.out.println("Warning: URL Host: " + urlHostName
+ " vs. " + session.getPeerHost());
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
下面是调用的方法
public void sendAndReceive(String url){
HttpURLConnection connection = null;
InputStream in = null;
try {
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
connection.setReadTimeout(10000);
connection.connect();
int contentLen = connection.getContentLength();
in = connection.getInputStream();
。。。。。。。
}
我主要是参考了sun.com上的一篇帖子,路径一时没找到,以后贴出。
新写一个方法,如下:
public static void trustAllHttpsCertificates() {
// Create a trust manager that does not validate certificate chains:
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new MyTrustManager();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext context;
try {
context = javax.net.ssl.SSLContext.getInstance("SSL");
context.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context
.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
System.out.println("Warning: URL Host: " + urlHostName
+ " vs. " + session.getPeerHost());
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
下面是调用的方法
public void sendAndReceive(String url){
HttpURLConnection connection = null;
InputStream in = null;
try {
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
connection.setReadTimeout(10000);
connection.connect();
int contentLen = connection.getContentLength();
in = connection.getInputStream();
。。。。。。。
}
woaimmwwyy 2009-12-16
- 打赏
- 举报
兄弟,威哥顶一下,赐予你superMen的力量
明天你就解决了
明天你就解决了
anchor 2009-12-10
- 打赏
- 举报
顶下,关注正解
RiboseYim 2009-11-24
- 打赏
- 举报
问题已于不懈的努力下解决,请大家回帖讨论。
dengj1990 2009-11-12
- 打赏
- 举报
我顶
RiboseYim 2009-11-12
- 打赏
- 举报
补充说明,已将交行提供的root.cer导入到WebSpere运行依赖的JVM下的cacerts文件中
RiboseYim 2009-11-12
- 打赏
- 举报
第二修改方案,指定密钥库、信任库。结果:失败。异常同顶楼。
public SSLSocketFactory getSSLSocketFactory() {
SSLSocketFactory sslSocketFactory = null;
String keystore = ".....";
String truststore = ".....";
String keypass="....";
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystore), keypass.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("IbmX509");
kmf.init(ks,keypass.toCharArray());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(truststore),trustpass.toCharArray());
TrustManager[] tm;
TrustManagerFactory tmf = TrustManagerFactory.getInstance("IbmPKIX");
tmf.init(ts);
tm = tmf.getTrustManagers();
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(kmf.getKeyManagers(), tm, null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return sslSocketFactory;
}
public String sendAndReceive(String srcUrl) {
SSLSocketFactory factory = getSSLSocketFactory();
HttpsURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(factory);
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
int contentLen = connection.getContentLength();
in = connection.getInputStream();
in.read(,,,,);
public SSLSocketFactory getSSLSocketFactory() {
SSLSocketFactory sslSocketFactory = null;
String keystore = ".....";
String truststore = ".....";
String keypass="....";
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystore), keypass.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("IbmX509");
kmf.init(ks,keypass.toCharArray());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(truststore),trustpass.toCharArray());
TrustManager[] tm;
TrustManagerFactory tmf = TrustManagerFactory.getInstance("IbmPKIX");
tmf.init(ts);
tm = tmf.getTrustManagers();
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(kmf.getKeyManagers(), tm, null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return sslSocketFactory;
}
public String sendAndReceive(String srcUrl) {
SSLSocketFactory factory = getSSLSocketFactory();
HttpsURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(factory);
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
int contentLen = connection.getContentLength();
in = connection.getInputStream();
in.read(,,,,);
RiboseYim 2009-11-12
- 打赏
- 举报
第一修改方案,在执行查询之前,指定Provider、系统属性,结果:失败。异常信息同楼上。
Security.addProvider(new com.ibm.jsse.IBMJSSEProvider());
System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
Security.addProvider(new com.ibm.jsse.IBMJSSEProvider());
System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
