There are many examples of Tomcat + digital certificate classes on the network, using the Keytool tool, the configuration is visible:
http://blog.csdn.net/huzheaccp/article/details/8812826
Last accessed: https://localhost:8443 appears on the Tomcat homepage and the IE browser lock icon appears
WebService Package Deployment Tomcat:
Jar Package Required: Jaxws-2_0.jar can be downloaded from the website
WebService directory Structure:
Package com.huzhe.service;
Import java.util.List;
Import Javax.jws.WebMethod;
Import Javax.jws.WebParam;
Import Javax.jws.WebService;
Import com.huzhe.po.Student;
@WebService Public
interface Istudentservice {
@WebMethod
Student Getstudentbyid (@WebParam (name= "id") String ID);
}
Package com.huzhe.service;
Import java.util.ArrayList;
Import java.util.List;
Import Javax.jws.WebService;
Import com.huzhe.po.Student;
@WebService (endpointinterface= "Com.huzhe.service.IStudentService") Public
class Studentimpl implements Istudentservice {
@Override public
Student Getstudentbyid (String id) {
return new Student (ID, "Zhang San"); c10/>}
}
--------------------------------------------------------------------------------------------------------------- -----------------------before you do this, make sure that WebService is accessible, and the following mainly involves Tomcat deployment and HTTPS calls
--------------------------------------------------------------------------------------------------------------- -----------------------
Configuration: cmd enters the project clesses directory: Execute:
WSGEN-CP. Com.xx.service.StudentImpl
Add to Web. xml:
<login-config> <auth-method>CLIENT-CERT</auth-method> <realm-name>client CERT User S-only area</realm-name> </login-config> <security-constraint> <web-resour Ce-collection > <web-resource-name >SSL</web-resource-name> <url-pattern>/*&l t;/url-pattern> </web-resource-collection> <user-data-constraint> <transport -guarantee>confidential</transport-guarantee> </user-data-constraint> </security-constraint > <listener> <listener-class> Com.sun.xml.ws.transport.http.servlet.WSServletCont Extlistener </listener-class> </listener> <servlet> <servlet-name> Studentimpl</servlet-name> <servlet-class> Com.sun.xml.ws.transport.http.servlet.WSSer Vlet </servlet-class> </servlet> <servlet-mapping> <SERVLET-NAME>STUDENTIMPL</SERVLET-NAME&G
T <url-pattern>/studentImpl</url-pattern> </servlet-mapping>Established under Web-inf: Sun-jaxws.xml
<?xml version= "1.0" encoding= "UTF-8"?> <endpoints xmlns= "http://java.sun.com/xml/ns/jax-ws/ri/ Runtime " version=" 2.0 "> <endpoint name=" STUDENTIMPLWS "implementation=" Com.huzhe.service.StudentImpl " url-pattern="/studentimpl "/> </endpoints>
Then package: War uses maven or direct eclipse to export war
Gets: Ws.war
Put to: Tomcat WebApp under boot server;
Visit: http://localhost:8080/ws/studentImpl?wsdl
Browser address changed to: https://localhost:8443/ws/studentImpl?wsdl
The instructions are encrypted.
Using Eclipse to build WebService client based on WSDL file
(WSDL file can be generated using command, the simplest way: access to the top of the address to get XML information directly copied to save as ws.wsdl file)
Istudentserviceproxy p = newistudentserviceproxy ();
P.getistudentservice (). Getstudentbyid ("001")
. GetName ()Direct access: An error follows:
Axisfault faultcode: {http://schemas.xmlsoap.org/soap/envelope/}server.userexception faultsubcode:faultstring: Javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX Path Building failed:
Sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to requested target FaultActor:faultNode:faultDetail: {http://xml.apache.org/axis/}stacktrace:javax.net.ssl.sslhandshakeexception: Sun.security.validator.ValidatorException:PKIX Path Building failed:
Sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to requested target At Com.sun.net.ssl.internal.ssl.Alerts.getSSLException (alerts.java:174) at Com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal (sslsocketimpl.java:1649) at Com.sun.net.ssl.internal.ssl.Handshaker.fatalSE (handshaker.java:241) at Com.sun.net.ssl.internal.ssl.Handshaker.fatalSE (handshaker.java:235) at Com.sun.net.ssl.internal.ssl.ClientHandshaker.Servercertificate (clienthandshaker.java:1206) at Com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage ( clienthandshaker.java:136) at Com.sun.net.ssl.internal.ssl.Handshaker.processLoop (handshaker.java:593) at Com.sun.net.ssl.internal.ssl.Handshaker.process_record (handshaker.java:529) at Com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord (sslsocketimpl.java:893) at Com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake (sslsocketimpl.java:1138) at Com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake (sslsocketimpl.java:1165) at Com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake (sslsocketimpl.java:1149) at Org.apache.axis.components.net.JSSESocketFactory.create (jssesocketfactory.java:186) at Org.apache.axis.transport.http.HTTPSender.getSocket (httpsender.java:191) at Org.apache.axis.transport.http.HTTPSender.writeToSocket (httpsender.java:404) at Org.apache.axis.transport.http.HTTPSender.invoke (httpsender.java:138) at Org.apache.axis.transport.httP.httpsender.readfromsocket (httpsender.java:727) at Org.apache.axis.transport.http.HTTPSender.invoke ( httpsender.java:144) at Org.apache.axis.strategies.InvocationStrategy.visit (invocationstrategy.java:32) at Org.apache.axis.SimpleChain.doVisiting (simplechain.java:118) at Org.apache.axis.SimpleChain.invoke ( simplechain.java:83) at Org.apache.axis.client.AxisClient.invoke (axisclient.java:165) at Org.apache.axis.client.Call.invokeEngine (call.java:2784) at Org.apache.axis.client.Call.invoke (call.java:2767) at Org.apache.axis.client.Call.invoke (call.java:2443) at Org.apache.axis.client.Call.invoke (call.java:2366) at Org.apache.axis.client.Call.invoke (call.java:1812) at
Com.huzhe.client.StudentImplServiceSoapBindingStub.getStudentById (studentimplservicesoapbindingstub.java:228) At Com.huzhe.client.ClientTest.main (clienttest.java:18) caused By:sun.security.validator.ValidatorException:PKIX Path Building failed:sun.security.provider.certpath.SunCertPathBuilderException:unable to Find valid certification path to requested target at Sun.security.validator.PKIXValidator.doBuild (Pkixvalidator.java : 323) at Sun.security.validator.PKIXValidator.engineValidate (pkixvalidator.java:217) at Sun.security.validator.Validator.validate (validator.java:218) at Com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate (x509trustmanagerimpl.java:126) at Com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted (x509trustmanagerimpl.java:209) at Com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted (x509trustmanagerimpl.java:249) at Com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate (clienthandshaker.java:1185) ... caused By:sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to Requested target at Sun.security.provider.certpath.SunCertPathBuilder.engineBuild (suncertpathbuilder.java:174) at Java.security.cert.CertPathBuilder.build (certpathbuilder.java:238) at Sun.security.validAtor. Pkixvalidator.dobuild (pkixvalidator.java:318) ... + More {http://xml.apache.org/axis/}hostname:iss-03261128 javax.net.ssl.SSLHandshakeException: Sun.security.validator.ValidatorException:PKIX Path Building failed:
Sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to requested target At Org.apache.axis.AxisFault.makeFault (axisfault.java:101) at Org.apache.axis.transport.http.HTTPSender.invoke ( httpsender.java:154) at Org.apache.axis.transport.http.HTTPSender.readFromSocket (httpsender.java:727) at Org.apache.axis.transport.http.HTTPSender.invoke (httpsender.java:144) at Org.apache.axis.strategies.InvocationStrategy.visit (invocationstrategy.java:32) at Org.apache.axis.SimpleChain.doVisiting (simplechain.java:118) at Org.apache.axis.SimpleChain.invoke ( simplechain.java:83) at Org.apache.axis.client.AxisClient.invoke (axisclient.java:165) at Org.apache.axis.client.Call.invokeEngine (call.java:2784) at Org.apache.axis.client.CaLl.invoke (call.java:2767) at Org.apache.axis.client.Call.invoke (call.java:2443) at Org.apache.axis.client.Call.invoke (call.java:2366) at Org.apache.axis.client.Call.invoke (call.java:1812) at
Com.huzhe.client.StudentImplServiceSoapBindingStub.getStudentById (studentimplservicesoapbindingstub.java:228) At Com.huzhe.client.ClientTest.main (clienttest.java:18)
The reason is that the client did not join the digital certificate
To add code before calling the method:
public static void Main (string[] args) {
try {
Istudentserviceproxy p = new Istudentserviceproxy ();
System.setproperty ("Javax.net.ssl.keyStore",
"D:\\mykeystore\\test.keystore");
System.setproperty ("Javax.net.ssl.keyStorePassword", "Mulepassword");
System.setproperty ("Javax.net.ssl.trustStore",
"D:\\mykeystore\\test.keystore");
System.setproperty ("Javax.net.ssl.trustStorePassword",
"Mulepassword");
System.out.println (P.getistudentservice (). Getstudentbyid ("001")
. GetName ());
} catch (RemoteException E {
//TODO auto-generated catch block
e.printstacktrace ();}
}
Same as the 8443 port KeyStore file configured in TomcatD:\\mykeystore\\test.keystore
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
