web-dev-qa-db-fra.com

Continuez à obtenir une erreur d'implémentation Non X509TrustManager disponible lorsque vous essayez de vous connecter au serveur de socket Web

J'ai le code suivant pour me connecter à un serveur de socket Web dans mon Java utilisant des websockets sécurisées.

private boolean openConnection(boolean tried) {
    String sslFile = 
        ConfigMgr.getValue(Constants.SSL_CFG_NAME, "sslfile"); 
    String sslPassword = 
        ConfigMgr.getValue(Constants.SSL_CFG_NAME, "sslpassword"); 
    try {
        System.setProperty("javax.net.ssl.trustStore",
                //sslFile);
        System.setProperty("javax.net.ssl.trustStorePassword", sslPassword);
        System.out.println(System.getProperty("javax.net.ssl.trustStore"));
        System.out.println(System.getProperty("javax.net.ssl.trustStorePassword"));
    } catch (Exception e) {
        if (!tried) {
            logger.error("unable to get certificates", e);
        }
        return false;
    }
    try {
        WebSocketContainer container = ContainerProvider
                .getWebSocketContainer();
        container.connectToServer(this, new URI(websocketServer));
    } catch (Exception e) {
        // only log error trying to connection to web application first
        // time
        if (!tried) {
            logger.error("error while trying to connect daemon to websocket"
                    + " server", e);
        }
        return false;
    }
    return true;
}

Je peux voir sur mes relevés imprimés

 System.setProperty("javax.net.ssl.trustStorePassword", sslPassword);

et

System.out.println(System.getProperty("javax.net.ssl.trustStore"));

Que le mot de passe et le certificat corrects (un .cer Dans ce cas) avec le contenu

-----BEGIN CERTIFICATE-----
MIIDmTCCAoGgAwIBAgIEB/pKmDANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJV
UzELMAkGA1UECBMCUEExGDAWBgNVBAcTD0ZvcnQgV2FzaGluZ3RvbjEXMBUGA1UE
ChMOTWlrcm9zIFN5c3RlbXMxFzAVBgNVBAsTDk1pa3JvcyBTeXN0ZW1zMRUwEwYD
VQQDEwxKYXNvbiBSaWNsZXMwHhcNMTYwNjIyMTcwOTQ0WhcNMTYwOTIwMTcwOTQ0
WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExGDAWBgNVBAcTD0ZvcnQgV2Fz
aGluZ3RvbjEXMBUGA1UEChMOTWlrcm9zIFN5c3RlbXMxFzAVBgNVBAsTDk1pa3Jv
cyBTeXN0ZW1zMRUwEwYDVQQDEwxKYXNvbiBSaWNsZXMwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCsha/dfnWIibmtySZuE8H+3AOa8/QuARKsFgmZJmWZ
ZErjlzN6liUO1Q9pzYXoka69tiIOw0KDWwGAHCAK8mjNpdcs9XiYq3QMZjNAUhqP
rRU5oDn9jwCwQnpepBhH6uiMaBcvrMsvLTaD4HvwoVyMROEhIWywBYMdHk86gcGr
ALz+iMhE8017CAA2n/35fqwDjxeGxDgY3Ove/fTKoeA+ItKOwsYeFZUeej9omTz+
UcdXJ6fu312At/Sh7YZpgP3LsX+rMfdD9sHn80UTy46UoT5UNW0Me40+S47/oh4H
VeOeR5XpcBPHnqbAJAvPAqD/sF9xbvhESwfoSkMB26drAgMBAAGjITAfMB0GA1Ud
DgQWBBQ7YV0yIawkjCCp0crz52BGwMPHnzANBgkqhkiG9w0BAQsFAAOCAQEAdmwo
8ZXZMxKzyfolVKj2UQBzkeSies133nRns0jFbkzm8N4lNtcWiShfLtlTQAuUZNMl
JK7Eax+weLq7tNMZyBdLWse8E4oe8m3XY/Xe7oQGs2EzdlHVZk7JuDHU63mC33cz
xvoNutE+y1Zonce9WaxACuNNMuxyYTVg6yqz/psjYE2YOajc1MmXjI38FkfmQ1bL
ByeNEvnLT1IcQ0OmaSuk2ESj144y/EtkN9/GKFOTPjSRL3zIStNBytn7WNlFV/ch
qaF/eOJRQMlHDosX40IrkHHIoc/pbTKYmjoreC/+biMKc0gUk+EN/uBrcJrVRFnl
dXTNJe6/sNzvkTc/IA==
-----END CERTIFICATE-----

sont définis correctement.

Cependant, lorsque j'exécute mon code, l'erreur suivante est imprimée lorsque container.connectToServer(this, new URI(websocketServer)); est exécuté

    javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed
        at org.Apache.Tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.Java:434) ~[Tomcat7-websocket.jar:7.0.68]
        at org.Apache.Tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.Java:184) ~[Tomcat7-websocket.jar:7.0.68]
        at 
cored.web.CoreWebSocket.openConnection(CoreWebSocket.Java:278) [cored.jar:3.0.10.160712122615]
        at cored.web.CoreWebSocket.establishConnection(CoreWebSocket.Java:1150) [cored.jar:3.0.10.160712122615]
        at 
cored.web.CoreWebSocket.access$100(CoreWebSocket.Java:85) [cored.jar:3.0.10.160712122615]
        at 
cored.web.CoreWebSocket$2.execute(CoreWebSocket.Java:138) [cored.jar:3.0.10.160712122615]
        at utils.AThread.run(AThread.Java:51) 
[utils.jar:3.0.10.160712122615]
    Caused by: Java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at org.Apache.Tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.Java:511) ~[Tomcat7-websocket.jar:7.0.68]
        at org.Apache.Tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.Java:379) ~[Tomcat7-websocket.jar:7.0.68]
        ... 6 more
    Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at Sun.security.ssl.Handshaker.checkThrown(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.SSLEngineImpl.writeAppRecord(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.SSLEngineImpl.wrap(Unknown Source) ~[?:1.8.0_92]
        at javax.net.ssl.SSLEngine.wrap(Unknown Source) ~[?:1.8.0_92]
        at org.Apache.Tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.Java:371) ~[Tomcat7-websocket.jar:7.0.68]
    Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at Sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.SSLEngineImpl.fatal(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker.fatalSE(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$1.run(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$1.run(Unknown Source) ~[?:1.8.0_92]
        at Java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source) ~[?:1.8.0_92]
        at org.Apache.Tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.Java:397) ~[Tomcat7-websocket.jar:7.0.68]
    Caused by: Java.security.cert.CertificateException: No X509TrustManager implementation available
        at Sun.security.ssl.DummyX509TrustManager.checkServerTrusted(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$1.run(Unknown Source) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$1.run(Unknown Source) ~[?:1.8.0_92]
        at Java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_92]
        at Sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source) ~[?:1.8.0_92]
        at org.Apache.Tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.Java:397) ~[Tomcat7-websocket.jar:7.0.68]

Je sais que le fichier .cer Que j'utilise n'est pas corrompu car il est également utilisé sur un serveur Web Tomcat et n'a aucun problème.

Quelle est la cause de cette erreur No X509TrustManager implementation available?

8
jgr208

.cer le fichier n'est pas un type valide pour votre magasin de clés de confiance. Vous pouvez utiliser la variable système javax.net.ssl.trustStoreType pour définir le type. Par défaut est défini sur JKS, vous pouvez également utiliser PKCS12 par exemple.

Vous devez créer un fichier JKS et inclure le fichier .cer. Configurez également le mot de passe pour le trusttore

System.setProperty("javax.net.ssl.trustStore", "path/to/truststore");
System.setProperty("javax.net.ssl.trustStorePassword", truststorepassword); 

Pour importer un fichier .cer dans un JKS, utilisez

keytool -importcert -file certificate.cer -keystore keystore.jks -alias "Alias"
11
pedrofb