Bonjour,
Je me suis arraché une quantité très importante de cheveux ces derniers jours sur un problème d'accès à un webservice en SSL à l'aide de CxF.
Voici le code incriminé nettoyé :
et l'exception tant redoutée :
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62 public class TestClient { private static final QName SERVICE_NAME = new QName("https://endpointsecure/axis/servicescure", "ServiceSecure"); private static void configureSSLOnTheClient(Object c) { Client client = ClientProxy.getClient(c); HTTPConduit httpConduit = (HTTPConduit) client.getConduit(); try { TLSClientParameters tlsParams = new TLSClientParameters(); tlsParams.setDisableCNCheck(true); KeyStore keyStore = KeyStore.getInstance("PKCS12"); String trustpass = "lemotdepassequivabien"; File truststore = new File("C:\\un\\certificat\\fonctionnel.p12"); keyStore.load(new FileInputStream(truststore), trustpass.toCharArray()); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, trustpass.toCharArray()); KeyManager[] km = (KeyManager[]) keyFactory.getKeyManagers(); tlsParams.setKeyManagers(km); FiltersType filter = new FiltersType(); filter.getInclude().add(".*_EXPORT_.*"); filter.getInclude().add(".*_EXPORT1024_.*"); filter.getInclude().add(".*_WITH_DES_.*"); filter.getInclude().add(".*_WITH_NULL_.*"); filter.getExclude().add(".*_DH_anon_.*"); tlsParams.setCipherSuitesFilter(filter); httpConduit.setTlsClientParameters(tlsParams); } catch (KeyStoreException kse) { System.out.println("Security configuration failed with the following: " + kse.getCause()); } catch (NoSuchAlgorithmException nsa) { System.out.println("Security configuration failed with the following: " + nsa.getCause()); } catch (FileNotFoundException fnfe) { System.out.println("Security configuration failed with the following: " + fnfe.getCause()); } catch (CertificateException ce) { System.out.println("Security configuration failed with the following: " + ce.getCause()); } catch (GeneralSecurityException gse) { System.out.println("Security configuration failed with the following: " + gse.getCause()); } catch (IOException ioe) { System.out.println("Security configuration failed with the following: " + ioe.getCause()); } } public static void main(String[] args){ System.out.println("Initializing test"); LeWebService ws = new LeWebService(); ILeWebService port = ws.getDestSivServicePort(); configureSSLOnTheClient(port); // [...] Paramétrage de l'objet Response resp = port.methode(parametre, attachmentNullPourLeMoment); System.out.println("Server responded with: " + ticket.toString()); } }
Le keystore au format p12 est bien sûr valide et marche tout à fait dans mes navigateurs, dans SoapUI, et avec Axis2.
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79 ATTENTION: Interceptor for {http://Namespace}NomDuService#{http://Namespace}Methode has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Could not send Message. at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:487) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) at $Proxy38.methode(Unknown Source) at com.sopragroup.siv.TestClient.main(TestClient.java:128) Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://endpointsecure/axis/servicescure: Received fatal alert: handshake_failure at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:2058) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2043) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:639) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) ... 8 more Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1955) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1907) at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42) at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1974) ... 11 more Exception in thread "main" javax.xml.ws.WebServiceException: Could not send Message. at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135) at $Proxy38.methode(Unknown Source) at com.sopragroup.siv.TestClient.main(TestClient.java:128) Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://endpointsecure/axis/servicescure: Received fatal alert: handshake_failure at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:2058) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2043) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:639) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:487) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) ... 2 more Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1955) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1907) at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42) at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1974) ... 11 more
Je suis à la recherche de toute aide potentielle. Accessoirement, je recherche un emploi de n'importe quoi sauf développeur.
Merci d'avance!
Partager