1.求No trusted certificate found解决方案 | Copy to clipboard |
Posted by: zijingshanke Posted on: 2009-12-03 10:42 调用交通银行支付接口查询 String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D"; ===========================简化后的相关代码=========== import java.io.InputStream; import java.net.HttpURLConnection; import java.net.URL; HttpURLConnection connection = null; InputStream in = null; URL url = new URL(srcUrl); connection = (HttpURLConnection) url.openConnection(); connection.setRequestProperty("User-Agent", "Mozilla/MSIE"); in = connection.getInputStream(); in.read(,,,,); =============================================================== 以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。 部署到生产环境(Ibm JDK1.5 + WebSpere),报异常 javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found at com.ibm.jsse2.n.a(n.java:17) at com.ibm.jsse2.jc.a(jc.java:541) at com.ibm.jsse2.db.a(db.java:403) at com.ibm.jsse2.db.a(db.java:278) at com.ibm.jsse2.eb.a(eb.java:137) at com.ibm.jsse2.eb.a(eb.java:157) at com.ibm.jsse2.db.m(db.java:243) at com.ibm.jsse2.db.a(db.java:280) at com.ibm.jsse2.jc.a(jc.java:104) at com.ibm.jsse2.jc.g(jc.java:470) at com.ibm.jsse2.jc.a(jc.java:284) at com.ibm.jsse2.jc.startHandshake(jc.java:172) at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65) at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942) at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895) at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585) at java.net.URLConnection.getContentLength(URLConnection.java:480) at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28) 调用交通银行支付接口查询 String srcUrl = "https://ebank.95559.com.cn/corporbank/NsTrans?dse_operationName=cb2202_queryOrderOp&reqData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22gb2312%22%3F%3E%3CBOCOMB2C%3E%3CopName%3Ecb2202_queryOrderOp%3C%2FopName%3E%3CreqParam%3E%3CmerchantID%3E301440360129520%3C%2FmerchantID%3E%3Cnumber%3E1%3C%2Fnumber%3E%3Cdetail%3E1%3C%2Fdetail%3E%3Corders%3EC20091030000001%3C%2Forders%3E%3C%2FreqParam%3E%3C%2FBOCOMB2C%3E&signData=MIIE%2FgYJKoZIhvcNAQcCoIIE7zCCBOsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA%2BUwggPhMIICyaADAgECAgRMXdLhMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEQMA4GA1UEAxMHQk9DT01DQTAeFw0wOTA5MjIwNzMxMzhaFw0xMTA5MjIwNzMxMzhaMIGAMQswCQYDVQQGEwJDTjEUMBIGA1UEChMLQkFOS0NPTU0gQ0ExETAPBgNVBAsTCEJBTktDT01NMRIwEAYDVQQLEwlNZXJjaGFudHMxNDAyBgNVBAMTKzA0MEAwMTQ0MDQwMDAwMDE1MjcxNkBbMzAxNDQwMzYwMTI5NTIwXUAwMDAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALglwOl2sLwGJ8JiaHp4DtjVygLat2b6ZEvk7qD2heCbpB1CVwhFRvXD8v7Ly%2FQgxjG3G4Z6RuT51f2DLuDACIDTreFTxCvRQIxQA3OYGVnqyq3CC3Qc5kYy6olGGpPYAnoODADchG7jiAFDqU%2FPpvEUuMmhUENoxzIllxQMgSwRAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBTSs9GxOUepN3l34yRNY7X4QsuZczBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly8xOTIuMTY4LjMuMTEwL2Nwcy5odG0wVgYDVR0fBE8wTTBLoEmgR6RFMEMxCzAJBgNVBAYTAkNOMRQwEgYDVQQKEwtCQU5LQ09NTSBDQTEMMAoGA1UECxMDY3JsMRAwDgYDVQQDEwdjcmwzODc1MAwGA1UdDwQFAwMH%2BYAwHQYDVR0OBBYEFAf4PbwEuZqX6aIT4iXipwUfSsMEMA0GCSqGSIb3DQEBBQUAA4IBAQB1lgHmpF6591tUOWmOa61DkJd8ZoV0yk5P2Fl6heGXowH0SUEtIU38m4TTYEEtNYnylbo5XlhhBc0k99lMEXh0gzNhUvmKhnbviHDYzVLNNsF1idRNfqc9rQhrPDoFgJXKqI0cdHAY4%2B27fahfwmiRGVB3SmVekvBloAQFdD4FGEpwI3aB2ITbIisFZbSL70loX9PYj57OLxv4SMm5j1Sx58ZWrOcndOm4cx6TMh6wFK4hB0PqR1h05n45geJlhbTifkewBcOLcIvoK4S8cbrfVMAURHDJDLTcDfIcFUPMxlSaI4JPM3sbtM9VMLngupGv%2BvSKWh8SuL1EPPjgtDhEMYHiMIHfAgEBMD0wNTELMAkGA1UEBhMCQ04xFDASBgNVBAoTC0JBTktDT01NIENBMRAwDgYDVQQDEwdCT0NPTUNBAgRMXdLhMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYAUEnRCOKov%2FkGrYni6fUQaMgZX%2BYCXkLMwGwG%2F0vzmr%2B%2FYPYCc78pkRgI8v%2FFskIXmtSjAeyG3VlytV%2Bq15ZWK1c3RcXWO6DDQGo7MJYAqZ37CwHsx%2Fgy%2B9bp6AizZFW9StGSAw0UEsR5kEEyr8urpr56phWM9vWjxFPIqaurY1w%3D%3D"; ===========================简化后的相关代码================== import java.io.InputStream; import java.net.HttpURLConnection; import java.net.URL; HttpURLConnection connection = null; InputStream in = null; URL url = new URL(srcUrl); connection = (HttpURLConnection) url.openConnection(); connection.setRequestProperty("User-Agent", "Mozilla/MSIE"); in = connection.getInputStream(); in.read(,,,,); =============================================================== 以上程序在开发环境(SUN JDK1.5 + Tomcat5.0)上可以正常运行,获得反馈结果。 部署到生产环境(Ibm JDK1.5 + WebSpere),报异常 javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found at com.ibm.jsse2.n.a(n.java:17) at com.ibm.jsse2.jc.a(jc.java:541) at com.ibm.jsse2.db.a(db.java:403) at com.ibm.jsse2.db.a(db.java:278) at com.ibm.jsse2.eb.a(eb.java:137) at com.ibm.jsse2.eb.a(eb.java:157) at com.ibm.jsse2.db.m(db.java:243) at com.ibm.jsse2.db.a(db.java:280) at com.ibm.jsse2.jc.a(jc.java:104) at com.ibm.jsse2.jc.g(jc.java:470) at com.ibm.jsse2.jc.a(jc.java:284) at com.ibm.jsse2.jc.startHandshake(jc.java:172) at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:65) at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:3) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:942) at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:1895) at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:585) at java.net.URLConnection.getContentLength(URLConnection.java:480) at com.ibm.net.ssl.www2.protocol.https.a.getContentLength(a.java:28) 第一修改方案,在执行查询之前,指定Provider、系统属性,结果:失败。异常信息同楼上。 Security.addProvider(new com.ibm.jsse.IBMJSSEProvider()); System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol"); 第二修改方案,指定密钥库、信任库。结果:失败。异常同顶楼。 public SSLSocketFactory getSSLSocketFactory() { SSLSocketFactory sslSocketFactory = null; String keystore = "....."; String truststore = "....."; String keypass="...."; try { KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(keystore), keypass.toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance("IbmX509"); kmf.init(ks,keypass.toCharArray()); KeyStore ts = KeyStore.getInstance("JKS"); ts.load(new FileInputStream(truststore),trustpass.toCharArray()); TrustManager[] tm; TrustManagerFactory tmf = TrustManagerFactory.getInstance("IbmPKIX"); tmf.init(ts); tm = tmf.getTrustManagers(); SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(kmf.getKeyManagers(), tm, null); sslSocketFactory = sslContext.getSocketFactory(); } catch (Exception e) { e.printStackTrace(); } return sslSocketFactory; } public String sendAndReceive(String srcUrl) { SSLSocketFactory factory = getSSLSocketFactory(); HttpsURLConnection connection = null; InputStream in = null; URL url = new URL(srcUrl); connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory(factory); connection.setRequestProperty("User-Agent", "Mozilla/MSIE"); int contentLen = connection.getContentLength(); in = connection.getInputStream(); in.read(,,,,); 补充说明,已将交行提供的root.cer导入到WebSpere运行依赖的JVM下的cacerts文件中 |