Статус: Активный участник
Группы: Участники
Дата регистрации:: 01.08.2019(UTC)
Сообщений: 43
Сказал(а) «Спасибо»: 2 раз
|
Здравствуйте, не понял, что случилось но теперь при подключении получаю ошибку:
Код:
run:
авг 14, 2019 10:37:13 PM ru.CryptoPro.JCP.tools.Starter check
INFO: Loading JCP 2.0.40035
авг 14, 2019 10:37:13 PM ru.CryptoPro.JCP.tools.Starter check
INFO: JCP loaded.
авг 14, 2019 10:37:13 PM ru.CryptoPro.ssl.SSLContextImpl engineInit
INFO: SSLContextImpl init.
авг 14, 2019 10:37:13 PM ru.CryptoPro.ssl.SSLContextImpl engineInit
INFO: trigger seeding of SecureRandom
авг 14, 2019 10:37:13 PM ru.CryptoPro.ssl.SSLContextImpl engineInit
INFO: done seeding SecureRandom
авг 14, 2019 10:37:13 PM ru.CryptoPro.ssl.SSLContextImpl engineInit
INFO: SSLContextImpl initialized.
авг 14, 2019 10:37:14 PM ru.CryptoPro.ssl.cl_97 a
WARNING: main, handling exception: javax.net.ssl.SSLHandshakeException: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
авг 14, 2019 10:37:14 PM ru.samges.TestGIS_SOAP start
SEVERE: null
javax.net.ssl.SSLHandshakeException: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
at ru.CryptoPro.ssl.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.cl_97.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.a(Unknown Source)
at ru.CryptoPro.ssl.cl_15.a(Unknown Source)
at ru.CryptoPro.ssl.cl_15.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.u(Unknown Source)
at ru.CryptoPro.ssl.cl_58.a(Unknown Source)
at ru.CryptoPro.ssl.cl_97.a(Unknown Source)
at ru.CryptoPro.ssl.cl_97.n(Unknown Source)
at ru.CryptoPro.ssl.cl_97.b(Unknown Source)
at ru.CryptoPro.ssl.cl_97.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259)
at ru.samges.TestGIS_SOAP.start(TestGIS_SOAP.java:58)
at ru.samges.TestGIS_SOAP.main(TestGIS_SOAP.java:40)
Caused by: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
at ru.CryptoPro.ssl.pc_4.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.pc_4.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.pc_4.cl_4.b(Unknown Source)
at ru.CryptoPro.ssl.cl_125.a(Unknown Source)
at ru.CryptoPro.ssl.cl_125.a(Unknown Source)
at ru.CryptoPro.ssl.cl_125.checkServerTrusted(Unknown Source)
... 15 more
Caused by: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
at ru.CryptoPro.reprov.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at ru.CryptoPro.reprov.CPCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
... 21 more
Приложение изменилось немного:
Код:
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.datatype.DatatypeConfigurationException;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.ssl.Provider;
import ru.gosuslugi.dom.schema.integration.house_management_service_async.HouseManagementPortsTypeAsync;
import ru.gosuslugi.dom.schema.integration.house_management_service_async.HouseManagementServiceAsync;
/**
*
* @author home
*/
public class TestGIS_SOAP {
/**
* @param args the command line arguments
*/
public static void main(String[] args) {
new TestGIS_SOAP().start();
}
private SSLContext sc;
private byte[] buf;
private HouseManagementPortsTypeAsync getHouseManagementPortAsync() throws DatatypeConfigurationException {
HouseManagementPortsTypeAsync houseManagementPort = new HouseManagementServiceAsync().getHouseManagementPortAsync();
return houseManagementPort;
}
private void start() {
initJCP();
try {
URL url = new URL("https://api.dom.gosuslugi.ru/ext-bus-home-management-service/services/HomeManagementAsync");
HttpsURLConnection cpm = (HttpsURLConnection) url.openConnection();
HttpsURLConnection.getDefaultSSLSocketFactory();
cpm.setDoOutput(true);
OutputStream os = cpm.getOutputStream();
os.write(new byte[]{4,2,54,33,55});
InputStream is = cpm.getInputStream();
if(is.available() > 0){
buf = new byte[is.available()];
is.read(buf);
}
os.close();
is.close();
cpm.disconnect();
} catch (MalformedURLException ex) {
Logger.getLogger(TestGIS_SOAP.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(TestGIS_SOAP.class.getName()).log(Level.SEVERE, null, ex);
}
}
private void initJCP() {
try {
Security.addProvider(new JCP());
// Security.addProvider(new RevCheck());
// Security.addProvider(new CryptoProvider());
Security.addProvider(new Provider());
System.setProperty("com.sun.security.enableCRLDP", "true");
System.setProperty("com.ibm.security.enableCRLDP", "true");
String keyStoreType = KeyStore.getDefaultType();
KeyStore trustStore = KeyStore.getInstance("CertStore");
trustStore.load(null,null);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate trstCert = cf.generateCertificate(new FileInputStream("d:\\Work\\CA-PPAK.der"));
trustStore.setCertificateEntry("ca", trstCert);
trstCert = cf.generateCertificate(new FileInputStream("d:\\Work\\CA-PPAK1.cer"));
trustStore.setCertificateEntry("ca1", trstCert);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(trustStore);
KeyStore keyStore = KeyStore.getInstance(JCP.HD_STORE_NAME);
keyStore.load(new FileInputStream("D:\\Work\\HDImageStore\\new_2012_256.keystore"),
"password".toCharArray());
// keyStore.aliases();
KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX");
kmf.init(keyStore, "1234567890".toCharArray());
//SSL Контекст
sc = SSLContext.getInstance("GostTLS");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception ex) {
Logger.getLogger(TestGIS_SOAP.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
Проверенные сертификаты взяты из пакета ГИС ЖКХ_Интеграция_v.12.2.3.12, ключ директора с сертифиактом в KeyStore до следующего года, сертификат до 33 года выдан Минкомсвязь России ООО "ИМЦ". Почему появилась ошибка, что случилось не пойму. Спасибо.
|
