引起:javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException:java(spring)中没有可用的X50

Posted

技术标签:

【中文标题】引起:javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException:java(spring)中没有可用的X509TrustManager实现【英文标题】:Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available in java(spring) 【发布时间】:2015-12-08 19:14:48 【问题描述】:

我正在尝试验证我拥有服务器证书的服务器,并且我已经创建了密钥库和信任库。异常发生在代码中的 rest 模板中,我没有得到我在网上搜索过的错误,但我没有找到解决方案

我的java代码:

org.json.JSONObject json = new org.json.JSONObject();

    org.json.JSONObject root = new org.json.JSONObject();
    root.put("Version", "1");
    json.put("key", "test");
    root.put("message", json);
    System.out.println(root);

    String url = "https://example.com";
App obi = new App();
    obi.trustSelfSignedSSL();

    System.setProperty("javax.net.ssl.keyStore", "/Users/crohitk/Desktop/spring/keystore.jks");

   System.setProperty("javax.net.ssl.keyStorePassword", "password");
   System.setProperty("javax.net.ssl.trustStore","/Users/crohitk/Desktop/spring/ca-certs.jks");

   System.setProperty("javax.net.ssl.trustStorePassword","");


   KeyStore keyStore = null;
   KeyStore truststore = null;

        keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

        keyStore.load(new FileInputStream("/Users/crohitk/Desktop/spring/keystore.jks"),
                "password".toCharArray());


    SSLConnectionSocketFactory socketFactory = null;

        socketFactory = new SSLConnectionSocketFactory(
                new SSLContextBuilder()

                        .loadKeyMaterial(keyStore, "password".toCharArray()).build());


    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();

    ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
            httpClient);

    RestTemplate restTemplate = new RestTemplate(requestFactory);





  String result = restTemplate.postForObject(url, root , String.class);
    System.out.println(result);
    System.out.println( "Hello World!" );


    public static void trustSelfSignedSSL() 
        try 
            SSLContext ctx = SSLContext.getInstance("TLS");
            X509TrustManager tm = new X509TrustManager() 

                public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException 
                

                public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException 
                

                public X509Certificate[] getAcceptedIssuers() 
                    return null;
                
            ;
            ctx.init(null, new TrustManager[]tm, null);
            SSLContext.setDefault(ctx);
         catch (Exception ex) 
            ex.printStackTrace();

错误跟踪:

Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://example.com":java.security.cert.CertificateException: No X509TrustManager implementation available; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:602)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:552)
    at org.springframework.web.client.RestTemplate.postForObject(RestTemplate.java:352)
    at url.url1.App.main(App.java:258)

我的 pom.xml:

<dependencies>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.11</version>
            <scope>test</scope>
        </dependency>
        <!-- Spring dependencies -->
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-core</artifactId>
            <version>$spring.version</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-web</artifactId>
            <version>$spring.version</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>$spring.version</version>
        </dependency>


        <dependency>
    <groupId>commons-codec</groupId>
    <artifactId>commons-codec</artifactId>
    <version>1.9</version>
</dependency>


    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-jdbc</artifactId>
    <version>4.1.0.RELEASE</version>
</dependency>



    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.1.9</version>
    </dependency>



        <!-- Spring AOP dependency -->
        <dependency>
                <groupId>cglib</groupId>
        <artifactId>cglib</artifactId>
        <version>2.2</version>
    </dependency>

    <!-- Hibernate framework -->
        <dependency>
    <groupId>org.hibernate</groupId>
    <artifactId>hibernate</artifactId>
    <version>3.2.3.ga</version>
</dependency>

    <!--<dependency>
        <groupId>hibernate</groupId>
        <artifactId>hibernate3</artifactId>
        <version>3.2.3.GA</version>
    </dependency> -->


    <!-- Hibernate library dependecy start -->
    <dependency>
        <groupId>dom4j</groupId>
        <artifactId>dom4j</artifactId>
        <version>1.6.1</version>
    </dependency>

    <dependency>
        <groupId>commons-logging</groupId>
        <artifactId>commons-logging</artifactId>
        <version>1.1.1</version>
    </dependency>

    <dependency>
        <groupId>commons-collections</groupId>
        <artifactId>commons-collections</artifactId>
        <version>3.2.1</version>
    </dependency>

    <dependency>
        <groupId>antlr</groupId>
        <artifactId>antlr</artifactId>
        <version>2.7.7</version>
    </dependency>
    <!-- Hibernate library dependecy end -->

 <dependency>
            <groupId>javax.transaction</groupId>
            <artifactId>jta</artifactId>
            <version>1.1</version>
</dependency>

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-orm</artifactId>
    <version>$spring.version</version>
    <type>jar</type>
    <scope>compile</scope>
</dependency>

  <dependency>
    <groupId>org.hibernate</groupId>
    <artifactId>hibernate-core</artifactId>
    <version>3.6.0.Final</version>
</dependency>
<dependency>


    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-log4j12</artifactId>
    <version>1.6.5</version>
  </dependency>

<dependency>
    <groupId>javassist</groupId>
    <artifactId>javassist</artifactId>
    <version>3.12.1.GA</version>
</dependency>
<dependency>

    <groupId>com.google.code.gson</groupId>
    <artifactId>gson</artifactId>
    <version>2.3.1</version>
</dependency>


 <dependency>
    <groupId>org.apache.poi</groupId>
    <artifactId>poi</artifactId>
    <version>3.11</version>
</dependency>
<dependency>
    <groupId>org.apache.poi</groupId>
    <artifactId>poi-ooxml</artifactId>
    <version>3.9</version>
</dependency>

<dependency>
    <groupId>commons-io</groupId>
    <artifactId>commons-io</artifactId>
    <version>2.4</version>
</dependency>

<dependency>
    <groupId>org.json</groupId>
    <artifactId>json</artifactId>
    <version>20141113</version>
</dependency>


<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.3.4</version>
</dependency>

<dependency>
    <groupId>commons-httpclient</groupId>
    <artifactId>commons-httpclient</artifactId>
    <version>3.1</version>
</dependency>

<dependency>
    <groupId>net.sf.hibernate</groupId>
    <artifactId>hibernate</artifactId>
    <version>2.1.8</version>
</dependency>



<dependency>
   <groupId>org.hibernate</groupId>
   <artifactId>hibernate-validator</artifactId>
   <version>5.2.1.Final</version>
</dependency>

<dependency>
    <groupId>org.apache.logging.log4j</groupId>
    <artifactId>log4j-core</artifactId>
    <version>2.3</version>
</dependency>

<dependency>
    <groupId>log4j</groupId>
    <artifactId>log4j</artifactId>
    <version>1.2.17</version>
</dependency>
<dependency>
    <groupId>commons-lang</groupId>
    <artifactId>commons-lang</artifactId>
    <version>2.3</version>
</dependency>

<!--  <dependency>
    <groupId>javax.servlet</groupId>
    <artifactId>servlet-api</artifactId>
    <version>3.0-alpha-1</version>
</dependency>-->

<dependency>
    <groupId>org.igniterealtime.smack</groupId>
    <artifactId>smack-core</artifactId>
    <version>4.2.0-alpha1</version>
</dependency>

<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>commons-io</artifactId>
    <version>1.3.2</version>
</dependency>

<dependency>
    <groupId>ca.juliusdavies</groupId>
    <artifactId>not-yet-commons-ssl</artifactId>
    <version>0.3.11</version>
</dependency>
 <dependency>
       <groupId>javax.ws.rs</groupId>
       <artifactId>javax.ws.rs-api</artifactId>
       <version>2.0</version>
    </dependency>
    <dependency>
       <groupId>org.glassfish.jersey.media</groupId>
       <artifactId>jersey-media-moxy</artifactId>
       <version>2.8</version>
    </dependency>
    <dependency>
        <groupId>org.glassfish.jersey.core</groupId>
        <artifactId>jersey-common</artifactId>
        <version>2.8</version>
    </dependency>

    <dependency>
  <groupId>org.glassfish.jersey.core</groupId>
  <artifactId>jersey-client</artifactId>
  <version>2.8</version>
</dependency>

</dependencies>

【问题讨论】:

类似问题,虽然***.com/a/22467085/3166303可能不是同一个问题 我没有那个依赖 App.java 中的第 258 行是哪一行? 在我的 java 代码中具有 String result = restTemplate.postForObject(url, root , String.class);第 258 行 您应该在项目中包含 Bouncy Castle,然后将提供程序添加到静态初始化程序中,这应该可以工作 【参考方案1】:

您必须添加安全提供程序才能使用 X509TrustManager 和 X509Certificate 等加密类。

您可以随时添加提供商。你只需要在使用这些类之前完成它。

这是一个如何在 Java 中添加安全提供程序的示例:

//check if provider is not already added
Provider aProvider = Security.getProvider("MyProvider");
if (aProvider == null) 
    //add provider
    Security.addProvider(new MyProvider());

MyProvider 只是一个占位符。您必须导入提供程序(例如 BouncyCastle)或使用来自 Sun 的提供程序

【讨论】:

在最后一行 Security.addProvider(new MyProvider());我得到 MyProvider 无法解析为我已导入 java.security.Provider 的类型 是否有任何预定义的安全提供程序 如果还没有,可以导入充气城堡,然后使用BouncyCastleProvider。如果你不能或不想导入充气城堡,我认为 sun 有一个,但我从未使用过。 您不必添加安全提供程序。已经内置了两三个。 是否有预定义的提供者

以上是关于引起:javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException:java(spring)中没有可用的X50的主要内容,如果未能解决你的问题,请参考以下文章

如何区分两个“onpause”事件 - 由单击“暂停”按钮引起,以及由到达媒体片段末尾引起?

查询如何引起gc

杂牌设备网络接入引起交换机引起端口翻转的故障

csharp 可能会引起问题的类的继承问题,父类后来增加的方法可能会引起子类的函数重载错误

两则dhcp设置引起的故障

大开测试:性能-如何解决由于设置引起的运行失败问题(连载22)