Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

java smack setKeystorePath不工作?

5 日,1 小时 Questions & Answers

我正在使用smack 4.1.8库连接到Openfire 3.10.2服务器。服务器具有自签名证书。如果我将服务器的证书添加到JVM使用的密钥库中,我可以毫无问题地连接。但我宁愿有一个密钥库,只用于在我的应用程序中使用smack

下面是我正在使用的代码。我看到一些例子,它们让我认为setkeystrepath是一个类路径,而不是一个文件系统路径。我试过两种方法。我已经使用keytool命令验证了keystore类型

有人有这样的工作实例吗

    XMPPTCPConnectionConfiguration.Builder configBuilder = XMPPTCPConnectionConfiguration.builder();
    configBuilder.setUsernameAndPassword("bugs", "xxxxxx");
    final String l_jabber_hostname = "xxxxxxx";
    configBuilder.setServiceName(l_jabber_hostname);
    configBuilder.setHost(l_jabber_hostname);
    configBuilder.setPort(5222);
    configBuilder.setSecurityMode(ConnectionConfiguration.SecurityMode.required);
    configBuilder.setKeystorePath("/tmp/cacerts");
    configBuilder.setKeystoreType("JKS");
    configBuilder.setHostnameVerifier(new HostnameVerifier() {
      @Override
      public boolean verify(String a_hostname, SSLSession session) {
        boolean l_approved = l_jabber_hostname.equalsIgnoreCase(a_hostname);
        return l_approved;
      }
    });

    Roster.setRosterLoadedAtLoginDefault(false);

    XMPPTCPConnectionConfiguration l_config = configBuilder.build();
    AbstractXMPPConnection connection = new XMPPTCPConnection(l_config);

    connection.connect();

以下是错误:

    <org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target>org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1029)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:956)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:971)
        at java.lang.Thread.run(Thread.java:745)
    Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:769)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java:140)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1022)
        ... 3 more
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
        at sun.security.validator.Validator.validate(Validator.java:260)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
        ... 13 more
    Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
        ... 19 more

共 (1) 个答案

  1. # 1 楼答案

    我也有同样的问题。解决方案是创建SSLContext:

    public void connect() throws SmackException, IOException, XMPPException, UnrecoverableKeyException, KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException 
    {

        XMPPTCPConnectionConfiguration config = XMPPTCPConnectionConfiguration.builder()
          .setUsernameAndPassword(username, password)
          .setServiceName(xmppdomain)
          .setHost(host)
          .setPort(port)
          .setCustomSSLContext(getSSLContext())
          .build();

        xmppConnection = new XMPPTCPConnection(config);
        xmppConnection.connect();

    }

    private SSLContext getSSLContext() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {

        char[] JKS_PASSWORD = "password".toCharArray();
        char[] KEY_PASSWORD = "password".toCharArray();

        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream is = new FileInputStream("<PATH_TO_JKS>");
        keyStore.load(is, JKS_PASSWORD);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, KEY_PASSWORD);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);

        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new java.security.SecureRandom());

        return sc;


    }