Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

java连接。getInputStream()为WebSphere portal 7中的HTTPS url引发SSLHandshakeException

1 周,5 日 Questions & Answers

我有直接指向特定文件的HTTPS URL

在我的servlet中,当我尝试接收这个文件时,我在连接行中得到SSLHandshakeException。getInputStream()

我能够在正常的Eclipse环境中运行这个程序,并且没有任何错误

当我在IBM WebSphere Portal 7环境中使用它时,收到异常

我已经附上下面的代码

String filename = ""+request.getParameter("newName");
String filepath = ""+request.getParameter("filePath");

URL url = new URL(filepath);
URLConnection connection = url.openConnection();

InputStream in =  connection.getInputStream();


response.setContentType("APPLICATION/OCTET-STREAM");    
response.setHeader("Content-Disposition", "attachment ; filename="+filename+" ");

int i;
while((i=in.read()) != -1)
{
    response.getWriter().write(i);
}
in.close();

以下是我收到的例外情况

Error 500: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

下面是我从日志中收到的错误

[1/2/15 5:46:24:930 EST] 000000b9 ServletWrappe E com.ibm.ws.webcontainer.servlet.ServletWrapper service SRVE0068E: Uncaught exception created in one of the service methods of the servlet downloadServlet in application PA_FileCabinet. Exception created : javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
    java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is: 
    java.security.cert.CertPathValidatorException: Certificate chaining error
    at com.ibm.jsse2.o.a(o.java:30)
    at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:216)
    at com.ibm.jsse2.kb.a(kb.java:411)
    at com.ibm.jsse2.kb.a(kb.java:150)
    at com.ibm.jsse2.lb.a(lb.java:106)
    at com.ibm.jsse2.lb.a(lb.java:716)
    at com.ibm.jsse2.kb.s(kb.java:659)
    at com.ibm.jsse2.kb.a(kb.java:393)
    at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:850)
    at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:63)
    at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:316)
    at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:220)
    at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:184)
    at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:40)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1207)
    at com.ibm.net.ssl.www2.protocol.https.b.getInputStream(b.java:66)
    at com.infores.portal.filecabinet.downloadServlet.doGet(downloadServlet.java:52)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:718)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1602)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:113)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:80)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:939)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:507)
    at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:181)
    at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3994)
    at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
    at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:945)
    at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1592)
    at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:191)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:453)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:515)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:306)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:277)
    at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
    at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
    at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
    at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
    at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
    at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
    at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
    at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
    at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1660)
Caused by: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
    java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is: 
    java.security.cert.CertPathValidatorException: Certificate chaining error
    at com.ibm.jsse2.util.h.b(h.java:96)
    at com.ibm.jsse2.util.h.b(h.java:69)
    at com.ibm.jsse2.util.g.a(g.java:11)
    at com.ibm.jsse2.pc.a(pc.java:8)
    at com.ibm.jsse2.pc.checkServerTrusted(pc.java:7)
    at com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509TrustManager.java:359)
    at com.ibm.jsse2.lb.a(lb.java:171)
    ... 41 more

共 (2) 个答案

  1. # 1 楼答案

    您需要将证书添加到WAS中的受信任存储

  2. # 2 楼答案

    当您收到错误响应代码时,请记住,您不能使用getInputStream()读取返回的正文内容

    在这种情况下,必须用getErrorStream()读取返回的正文