Verbindung zum Web-Service-Server fehlgeschlagen

Question

Ich habe eine Anwendung auf JBoss 4.2.3 und Java 6, gehostet auf myApp.com.br. Ich entwickle einen neuen Web Service Client in dieser App, der über eine sichere Verbindung (HTTPS) mit JAX auf den Server zugreifen muss, um eine SOAP Nachricht zu erstellen.

Ich bin sicher, dass die Nachricht (XML) erfolgreich erstellt und adressiert wird, aber wenn es versucht, eine Verbindung herzustellen, nach 3 Versuchen, wirft es eine SSLHandshakeException. Unter dem Auszug aus dem Protokoll der Verbindungsversuche:

13:55:41,014 INFO [STDOUT] %% No cached client session 
13:55:41,014 INFO [STDOUT] *** ClientHello, TLSv1 
13:55:41,015 INFO [STDOUT] RandomCookie: 
13:55:41,015 INFO [STDOUT] GMT: 1465512205 
13:55:41,015 INFO [STDOUT] bytes = { 
13:55:41,015 INFO [STDOUT] 89 AND LOTS OF OTHER NUMBERS WHICH I REMOVED FOR THE SAKE OF BREVITY 
13:55:41,027 INFO [STDOUT] } 
13:55:41,027 INFO [STDOUT] Session ID: 
13:55:41,027 INFO [STDOUT] {} 
13:55:41,028 INFO [STDOUT] Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA] 
13:55:41,028 INFO [STDOUT] Compression Methods: { 
13:55:41,028 INFO [STDOUT] 0 
13:55:41,028 INFO [STDOUT] } 
13:55:41,029 INFO [STDOUT] *** 
13:55:41,029 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, WRITE: TLSv1 Handshake, length = 73 
13:55:41,029 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, WRITE: SSLv2 client hello message, length = 98 
13:55:41,056 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, received EOFException: error 
13:55:41,057 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
13:55:41,058 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1 
13:55:41,058 INFO [STDOUT] , SEND TLSv1 ALERT: 
13:55:41,058 INFO [STDOUT] fatal, 
13:55:41,059 INFO [STDOUT] description = handshake_failure 
13:55:41,059 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, WRITE: TLSv1 Alert, length = 2 
13:55:41,060 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, called closeSocket() 
13:55:41,060 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, called close() 
13:55:41,060 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, called closeInternal(true) 
13:55:41,088 INFO [STDOUT] http-myApp.com.br%2F10.54.252.21-28080-1, setSoTimeout(0) called 

Und hier sind die throwed Ausnahmen:

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:808) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) 
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:904) 
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1026) 
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:373) 
    at java.net.HttpURLConnection.getResponseMessage(HttpURLConnection.java:439) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseMessage(HttpsURLConnectionImpl.java:362) 
    at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:340) 
    at org.jboss.remoting.transport.http.HTTPClientInvoker.transport(HTTPClientInvoker.java:137) 
    at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122) 
    at org.jboss.remoting.Client.invoke(Client.java:1634) 
    at org.jboss.remoting.Client.invoke(Client.java:548) 
    at org.jboss.ws.core.client.HTTPRemotingConnection.invoke(HTTPRemotingConnection.java:233) 
    at org.jboss.ws.core.client.SOAPProtocolConnectionHTTP.invoke(SOAPProtocolConnectionHTTP.java:73) 
    at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:339) 
    at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:302) 
    at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:172) 
    at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:152) 
    at $Proxy691.solicitarProtocoloOperation(Unknown Source) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
    at java.lang.reflect.Method.invoke(Method.java:597) 
    at com.myApp.foundation.protocolmanager.service.ProtocolManagerBean.processMessageFromERP(ProtocolManagerBean.java:61) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
    at java.lang.reflect.Method.invoke(Method.java:597) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:112) 
    at org.jboss.ejb3.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:166) 
    at org.jboss.ejb3.interceptor.EJB3InterceptorsInterceptor.invoke(EJB3InterceptorsInterceptor.java:63) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:54) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.tx.TxPolicy.invokeInCallerTx(TxPolicy.java:126) 
    at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:195) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:95) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:77) 
    at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:240) 
    at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:210) 
    at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:84) 
    at $Proxy613.processMessageFromERP(Unknown Source) 
    at com.myApp.foundation.protocolmanager.ws.v1_00_00.WsdProtocolManagerWS.requestProtocol(WsdProtocolManagerWS.java:68) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
    at java.lang.reflect.Method.invoke(Method.java:597) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:112) 
    at org.jboss.ejb3.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:166) 
    at org.jboss.ejb3.interceptor.EJB3InterceptorsInterceptor.invoke(EJB3InterceptorsInterceptor.java:63) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:54) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) 
    at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:191) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:95) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:77) 
    at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) 
    at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) 
    at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:103) 
    at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:221) 
    at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466) 
    at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284) 
    at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201) 
    at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134) 
    at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) 
    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182) 
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) 
    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) 
    at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:393) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) 
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) 
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) 
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446) 
    at java.lang.Thread.run(Thread.java:619) 
Caused by: java.io.EOFException: SSL peer shut down incorrectly 
    at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:333) 
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789) 
    ... 112 more 

Offenbar wird die SOAP-Nachricht, die von JBoss mit einer internen IP "senden wird http- myApp.com.br% 2F10.54.252.21-28080-1 ", und ich denke, dass dies das Problem ist, denn ich glaube, dass der Zertifikatsanbieter das Zertifikat mit der URL" myApp.com.br "und dem externen Zertifikat gebunden hat IP, die es darstellt. Ich habe auf SoapUI den gleichen Webservice getestet und benutze das gleiche Zertifikat und es funktioniert.

Ist meine Annahme richtig? Wenn ja, wie kann ich JBoss so einrichten, dass die SOAP-Nachricht korrekt gesendet wird? Wenn nicht, irgendeine Vorstellung davon, was falsch ist?

Answer 1

Ich habe das Problem gefunden. Der Server akzeptiert kein SSL-Protokoll.

Mit Wireshark konnte ich die Pakete vergleichen, die von SoapUI gesendet werden, die mit JBoss funktionieren, die nicht funktionieren, und das Problem verfolgen. Ich stellte fest, dass die von den Anwendungen verwendeten Protokolle unterschiedlich waren. SoapUI verwendet TLSv1, während JBoss verwendet SSLv2. Also habe ich JBoss so konfiguriert, dass nur TLSv1 verwendet wird und dann funktioniert es. Für Aufzeichnung nur auf JBoss 4.2.3 dies auf run.bat Datei konfiguriert wurde, wo ich die folgende Zeile hinzugefügt:

set JAVA_OPTS=%JAVA_OPTS% -Dhttps.protocols=TLSv1 

Das Merkwürdige ist, dass die Java-Dokumentation sagt, dass das Standardprotokoll ist TLSv1, auf Java 6, und ich habe SSL nirgendwo konfiguriert, oder zumindest habe ich nichts mit einer solchen Konfiguration gefunden. Ich weiß immer noch nicht, warum SSL verwendet wurde, obwohl es funktioniert.