本文介绍了在使用Spring-Ws过程中遇到的SSL证书问题,主要原因是程序IP地址与证书IP地址不匹配。通过配置HttpsUrlConnectionMessageSender,设置自定义的TrustManager来解决这个问题。代码示例展示了如何创建和设置相关bean,以及调用代码中需要注意的细节。
主要的原因是证书有问题,就是程序的IP地址和证书的IP地址不匹配。
这里是客户端报错,使用的是spring-ws
对应的Maven如下;
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
<version>3.0.8.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-core</artifactId>
<version>3.0.8.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-support</artifactId>
<version>3.0.8.RELEASE</version>
</dependency>
生成的bean
@Bean
HttpsUrlConnectionMessageSender messageSender(
KeyStoreFactoryBean keyStore,
TrustManagersFactoryBean trustManagers
) throws Exception {
HttpsUrlConnectionMessageSender sender = new HttpsUrlConnectionMessageSender();
KeyManagersFactoryBean keyManagersFactoryBean = new KeyManagersFactoryBean();
keyManagersFactoryBean.setKeyStore(keyStore.getObject());
keyManagersFactoryBean.setPassword(KEYSTORE_PASSWORD);
keyManagersFactoryBean.afterPropertiesSet();
sender.setKeyManagers(keyManagersFactoryBean.getObject());
sender.setTrustManagers(trustManagers.getObject());
sender.setHostnameVerifier(new TrustAnyHostnameVerifier());
return sender;
}
public class TrustAnyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
这里调用代码:
@Autowired
HttpsUrlConnectionMessageSender sender;
public XXXResponse clear(String para){
XXXRequest request = new XXXRequest();
request.setValue(para);
getWebServiceTemplate().setMessageSender(sender);
JAXBElement<XXXtResponse> o = (JAXBElement<XXXtResponse>)
getWebServiceTemplate().marshalSendAndReceive("https://xxx.xxx.xxx.xxx:xxx/ws/xxxx", request);
return o.getValue();
}
这里要注意,要将生成的bean放到getWebserviceTemplate()的Sender中才能,不然不会生效的。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
