67,513
社区成员
发帖
与我相关
我的任务
分享I have a trouble with ssl , and need your help ,thanks a lot!
Hello everyone!
I have a trouble with ssl , and need your help ,thanks a lot!
I use Tomcat4.0 + ssl + saop to translate data , get a Exception as below:
Error opening socket: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
Here is my simple code,I send data two time ,one is to 172.16.4.201,and other is to 172.16.4.62 . and when send to 201 ,use certification is "c:\\test\\myKeystore". When send to 62 ,use certification is c:\\test\\abc :
/** Here is the First send data */
Send send1 = Send.getInstance();
Info info1 = new Info();
info.setTransContent(“aaaaaaaaaaaaaa”);
info1.setCertificateKeyStore("c:\\test\\myKeystore");
info1.setUseHttps(true);
info1.setTargetSystem(
"https://172.16.4.201:8443/soap/servlet/rpcrouter");
try {
send1.sendString(info1);
} catch (Exception e) {
e.printStackTrace();
}
/** Here is the Second send data*/
Send send = Send.getInstance();
Info info = new Info();
info.setTransContent(“bbbbbbbbbbbbbbb”);
info.setCertificateKeyStore("c:\\test\\abc");
info.setUseHttps(true);
info.setTargetSystem(
"https://172.16.4.62:8443/soap/servlet/rpcrouter");
try {
send.sendString(info);
} catch (Exception e) {
e.printStackTrace();
}
these code was write in my java appalication,when I run this ,will get error above ,say that No trusted certificate found.but ,if I only run the first send ,or I only run the second send ,that will be ok ,will no error .why ??
I think may be first use certification ,then system catched the content ,so when I send the second time ,that need use other certification,but system still use first certification.
I use below code to remove catched :
System.setProperty("networkaddress.cache.ttl ","0");
But has no effect!
By the way , I use
System.setProperty("javax.net.debug","all");
And in the debug info ,I saw that system read Certificate chain for two times ,and ervery time it is not the same ,it is said that system has read two deferent certification ,but why he still say No trusted certificate found??
I have a trouble with ssl , and need your help ,thanks a lot!
I use Tomcat4.0 + ssl + saop to translate data , get a Exception as below:
Error opening socket: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
Here is my simple code,I send data two time ,one is to 172.16.4.201,and other is to 172.16.4.62 . and when send to 201 ,use certification is "c:\\test\\myKeystore". When send to 62 ,use certification is c:\\test\\abc :
/** Here is the First send data */
Send send1 = Send.getInstance();
Info info1 = new Info();
info.setTransContent(“aaaaaaaaaaaaaa”);
info1.setCertificateKeyStore("c:\\test\\myKeystore");
info1.setUseHttps(true);
info1.setTargetSystem(
"https://172.16.4.201:8443/soap/servlet/rpcrouter");
try {
send1.sendString(info1);
} catch (Exception e) {
e.printStackTrace();
}
/** Here is the Second send data*/
Send send = Send.getInstance();
Info info = new Info();
info.setTransContent(“bbbbbbbbbbbbbbb”);
info.setCertificateKeyStore("c:\\test\\abc");
info.setUseHttps(true);
info.setTargetSystem(
"https://172.16.4.62:8443/soap/servlet/rpcrouter");
try {
send.sendString(info);
} catch (Exception e) {
e.printStackTrace();
}
these code was write in my java appalication,when I run this ,will get error above ,say that No trusted certificate found.but ,if I only run the first send ,or I only run the second send ,that will be ok ,will no error .why ??
I think may be first use certification ,then system catched the content ,so when I send the second time ,that need use other certification,but system still use first certification.
I use below code to remove catched :
System.setProperty("networkaddress.cache.ttl ","0");
But has no effect!
By the way , I use
System.setProperty("javax.net.debug","all");
And in the debug info ,I saw that system read Certificate chain for two times ,and ervery time it is not the same ,it is said that system has read two deferent certification ,but why he still say No trusted certificate found??
...全文
请发表友善的回复…
发表回复
wooddoor 2004-06-22
- 打赏
- 举报
The reason of error ,is that when connect two computer ,I use two deffrent certifications .
I change it and use only one certification ,just copy one certification to two computer.it's ok!
---thanks very much!
I change it and use only one certification ,just copy one certification to two computer.it's ok!
---thanks very much!
usabcd 2004-06-11
- 打赏
- 举报
不知道你这个info.setCertificateKeyStore方法具体是怎么做的,
其实你只要设2个系统参数即可:
System.setProperty("javax.net.ssl.trustStore", "yourTrustStoreFileName");
System.setProperty("javax.net.ssl.trustStorePassword", "yourTrustStorePassword");
你把其他的代码去掉看看,只设这两个参数。
奇怪,你一个客户端为甚么要用2个 keystore,只要用一个keystore然后倒入
2个服务端的证书不是就可以了吗
其实你只要设2个系统参数即可:
System.setProperty("javax.net.ssl.trustStore", "yourTrustStoreFileName");
System.setProperty("javax.net.ssl.trustStorePassword", "yourTrustStorePassword");
你把其他的代码去掉看看,只设这两个参数。
奇怪,你一个客户端为甚么要用2个 keystore,只要用一个keystore然后倒入
2个服务端的证书不是就可以了吗
wooddoor 2004-06-11
- 打赏
- 举报
我觉得好像不是证书出错得问题.
因为,如果我单独象一台机器发送,那么没有问题.只有同时向两台机器发送数据,那么回出现问题.
I use keytool to generate certificate, with the certificate,I can send data to one computer without any error. Only when I send data to more than one computer ,such as two computer ,in the same time ,it will be error.
may be when I send data to two computer the same time, then system initialized ,and catched the first certification content ,and when I send the data to other computer ,system still use the first certificate, so get a error say that “No trusted certificate found”. I don’t know is it for this reason.
After I use System.setProperty("javax.net.debug","all"); I can see this Information:
For first send will show :
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: c:\t\myKeystore
trustStore type is : jks
init truststore
adding as trusted cert:
Subject: CN=a, OU=b, O=c, L=d, ST=e, C=f
Issuer: CN=a, OU=b, O=c, L=d, ST=e, C=f
Algorithm: RSA; Serial number: 0x40c67e6c
Valid from Wed Jun 09 11:05:16 CST 2004 until Tue Sep 07 11:05:16 CST 2004
init context
trigger seeding of SecureRandom
done seeding SecureRandom
but when the second send it will not be shown.
Why ??
因为,如果我单独象一台机器发送,那么没有问题.只有同时向两台机器发送数据,那么回出现问题.
I use keytool to generate certificate, with the certificate,I can send data to one computer without any error. Only when I send data to more than one computer ,such as two computer ,in the same time ,it will be error.
may be when I send data to two computer the same time, then system initialized ,and catched the first certification content ,and when I send the data to other computer ,system still use the first certificate, so get a error say that “No trusted certificate found”. I don’t know is it for this reason.
After I use System.setProperty("javax.net.debug","all"); I can see this Information:
For first send will show :
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: c:\t\myKeystore
trustStore type is : jks
init truststore
adding as trusted cert:
Subject: CN=a, OU=b, O=c, L=d, ST=e, C=f
Issuer: CN=a, OU=b, O=c, L=d, ST=e, C=f
Algorithm: RSA; Serial number: 0x40c67e6c
Valid from Wed Jun 09 11:05:16 CST 2004 until Tue Sep 07 11:05:16 CST 2004
init context
trigger seeding of SecureRandom
done seeding SecureRandom
but when the second send it will not be shown.
Why ??
usabcd 2004-06-10
- 打赏
- 举报
不知道你的Send 和Info具体是干嘛的,SSL是标准加密协议,一般情况下并不需要你另外写代码进行加密解密,只要配置好系统环境就可以了。
不过出现上面错误的原因一般是因为你的客户端keystore没有倒入服务端的证书。检查下你的keystore的内容就知道了。
c:\\test\\myKeystore
不过出现上面错误的原因一般是因为你的客户端keystore没有倒入服务端的证书。检查下你的keystore的内容就知道了。
c:\\test\\myKeystore
