我有一个jar,需要从REST API中获取实例。我已经完成了SSL证书的设置,并已将私钥和公钥生成为JKS。我已将证书导入到Java \ jdk1.8.0_201 \ jre \ lib \ security \ cacerts中。它以一种方式进行身份验证。但是,在我更改为双向身份验证之后,我得到了致命警报:bad_certificate错误。

我在Response Response = invocationBuilder.get();行中遇到错误。

WebTarget target = cp.getClient()
            .target("https://" + cp.getServerIp() + ":" + cp.getRestAPIPort() + "/product-info").path("");
    Invocation.Builder invocationBuilder = target
            .request(new String[] { MediaType.APPLICATION_JSON_TYPE.toString() });
    invocationBuilder.header("Authorization", "Bearer " + cp.getAccessToken());
    Response response = invocationBuilder.get();


错误响应:

    javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
        at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:284)
        at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:278)
        at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$0(JerseyInvocation.java:753)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:316)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:298)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:229)
        at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:414)
        at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:752)
        at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:419)
        at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:319)
        at com.p3.ca.ia.rest.RestLayerActivities.getInstanceInformation(RestLayerActivities.java:108)
        at com.p3.ca.ia.rest.IaRestMain.begin(IaRestMain.java:87)
        at com.p3.ca.CaIaApplication.main(CaIaApplication.java:28)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:50)
        at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:51)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2020)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1127)
        at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1761)
        at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
        at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1152)
        at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1280)
        at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1190)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
        at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:347)
        at org.glassfish.jersey.client.internal.HttpUrlConnector._apply(HttpUrlConnector.java:390)
        at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:282)
        ... 20 more

最佳答案

服务器很可能不信任您的CA客户端证书。

08-26 05:48