Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security » Security Week  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 求No trusted certificate found解决方案
zijingshanke





发贴: 2
积分: 1
于 2009-12-03 10:42 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
调用交通银行支付接口查询
String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D";

===========================简化后的相关代码===========
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;

HttpURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
in = connection.getInputStream();
in.read(,,,,);
===============================================================

以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。

部署到生产环境(Ibm JDK1.5 + WebSpere),报异常

javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
at com.ibm.jsse2.n.a(n.java:17)
at com.ibm.jsse2.jc.a(jc.java:541)
at com.ibm.jsse2.db.a(db.java:403)
at com.ibm.jsse2.db.a(db.java:278)
at com.ibm.jsse2.eb.a(eb.java:137)
at com.ibm.jsse2.eb.a(eb.java:157)
at com.ibm.jsse2.db.m(db.java:243)
at com.ibm.jsse2.db.a(db.java:280)
at com.ibm.jsse2.jc.a(jc.java:104)
at com.ibm.jsse2.jc.g(jc.java:470)
at com.ibm.jsse2.jc.a(jc.java:284)
at com.ibm.jsse2.jc.startHandshake(jc.java:172)
at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65)
at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942)
at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895)
at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585)
at java.net.URLConnection.getContentLength(URLConnection.java:480)
at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28)

调用交通银行支付接口查询
String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D";

===========================简化后的相关代码==================
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;

HttpURLConnection connection = null;
InputStream in = null;
URL url = new URL(srcUrl);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
in = connection.getInputStream();
in.read(,,,,);
===============================================================

以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。

部署到生产环境(Ibm JDK1.5 + WebSpere),报异常

javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
at com.ibm.jsse2.n.a(n.java:17)
at com.ibm.jsse2.jc.a(jc.java:541)
at com.ibm.jsse2.db.a(db.java:403)
at com.ibm.jsse2.db.a(db.java:278)
at com.ibm.jsse2.eb.a(eb.java:137)
at com.ibm.jsse2.eb.a(eb.java:157)
at com.ibm.jsse2.db.m(db.java:243)
at com.ibm.jsse2.db.a(db.java:280)
at com.ibm.jsse2.jc.a(jc.java:104)
at com.ibm.jsse2.jc.g(jc.java:470)
at com.ibm.jsse2.jc.a(jc.java:284)
at com.ibm.jsse2.jc.startHandshake(jc.java:172)
at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65)
at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942)
at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895)
at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585)
at java.net.URLConnection.getContentLength(URLConnection.java:480)
at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28)

第一修改方案,在执行查询之前,指定Provider、系统属性,结果:失败。异常信息同楼上。

Security.addProvider(new com.ibm.jsse.IBMJSSEProvider());
System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");

第二修改方案,指定密钥库、信任库。结果:失败。异常同顶楼。

public SSLSocketFactory getSSLSocketFactory() {
SSLSocketFactory sslSocketFactory = null;

String keystore = ".....";
String truststore = ".....";
String keypass="....";

try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystore), keypass.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("IbmX509");
kmf.init(ks,keypass.toCharArray());

KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(truststore),trustpass.toCharArray());
TrustManager[] tm;
TrustManagerFactory tmf = TrustManagerFactory.getInstance("IbmPKIX");
tmf.init(ts);
tm = tmf.getTrustManagers();

SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(kmf.getKeyManagers(), tm, null);

sslSocketFactory = sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return sslSocketFactory;
}

public String sendAndReceive(String srcUrl) {
SSLSocketFactory factory = getSSLSocketFactory();
HttpsURLConnection connection = null;
InputStream in = null;

URL url = new URL(srcUrl);

connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(factory);

connection.setRequestProperty("User-Agent", "Mozilla/MSIE");
int contentLen = connection.getContentLength();
in = connection.getInputStream();
in.read(,,,,);

补充说明,已将交行提供的root.cer导入到WebSpere运行依赖的JVM下的cacerts文件中



flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1
客服电话 18559299278    客服信箱 714923@qq.com    客服QQ 714923