Написать

Ru

DeutschEspañolPortuguês

Тёмная тема

Написать

Тёмная тема

Ru

DeutschEspañolPortuguês
lotus-dominojava

Создать кросс-сертификат для агента Domino Java?

Я пытаюсь подключиться к веб-службе с поддержкой https с помощью Java-агента Domino. Он работает нормально, используя http, но не работает на https. Я отключил TLS 1.2 (очевидно, в Fix Pack 4 и 5 есть ошибка с TLS 1.2 и Java).

Теперь я получаю следующие ошибки ...

    [1034:0007-1164] 12/08/2015 05:44:57.75 PM SSLAdvanceHandshake Exit> State HandshakeCertificate (8)
    [1034:0007-1164] 12/08/2015 05:44:57.75 PM SSLProcessHandshakeMessage Enter> Message: Certificate (11) State: HandshakeCertificate (8) Key Exchange: 15 Cipher: ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSLCheckCertChain> Invalid certificate chain received
    [1034:0007-1164] Cert Chain Evaluation Status: err: 3659, Cannot establish trust in a certificate or CRL.
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSLSendAlert> Sending an alert of 0x0 (close_notify) level 0x2 (fatal)
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSLProcessHandshakeMessage Exit> Message: Certificate (11) State: SSLErrorClose (2) Key Exchange: 15 Cipher: ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSL_Handshake> Changing SSL status from -6986 to -5000 to flush write queue
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSL_Handshake> After handshake state = SSLErrorClose (2); Status = -5000
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM int_MapSSLError> Mapping SSL error -5000 to 4176 [SSLHandshakeNoDone]
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM S_Write> Enter len = 7
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM SSL_Xmt> 00000000: 15 03 01 00 02 02 00                              '.......'
    [1034:0007-1164] 12/08/2015 05:44:57.80 PM S_Write> Switching Endpoint to sync
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM S_Write> Posting a nti_snd for 7 bytes
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM SSL_EncryptData> SSL not init exit
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM S_Write> Switching Endpoint to async
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM SSL_EncryptDataCleanup> SSL not init exit
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM S_Write> nti_done return 7 bytes rc = 0
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM S_Write> Exit, wrote 7 bytes
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM SSL_Handshake> After handshake2 state SSLErrorClose (2)
    [1034:0007-1164] 12/08/2015 05:44:57.81 PM int_MapSSLError> Mapping SSL error -6986 to 4163 [X509CertChainInvalidErr]
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error: WebServiceEngineFault
      faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
      faultSubcode: 
      faultString: Error connecting to 'api.qa.silverlining.synovia.com' on port '443', SSL invalid certificate, may need to cross-certify.
      faultActor: 
      faultNode: 
      faultDetail: 
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error: Error connecting to 'api.qa.silverlining.synovia.com' on port '443', SSL invalid certificate, may need to cross-certify.
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.InternalFault.makeFault(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.transport.http.HTTPSender.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.strategies.InvocationStrategy.visit(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.SimpleChain.doVisiting(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.SimpleChain.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.AxisClient.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.Call.invokeEngine(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.Call.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.Call.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.Call.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.axis.client.Call.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.websvc.client.Call.invoke(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at org.tempuri.BasicHttpBinding_ISynoviaApi1Stub.s0001(BasicHttpBinding_ISynoviaApi1Stub.java:11)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at JavaAgent.NotesMain(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.AgentBase.runNotes(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error:   at lotus.domino.NotesThread.run(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:57 PM  Agent Manager: Agent  error: Caused by: 
    [1034:0007-1164] 12/08/2015 05:44:58 PM  Agent Manager: Agent  error: Error connecting to 'api.qa.silverlining.synovia.com' on port '443', SSL invalid certificate, may need to cross-certify.
    [1034:0007-1164] 12/08/2015 05:44:58 PM  Agent Manager: Agent  error:   at lotus.domino.axis.transport.http.NotesSocket.openConnection(Native Method)
    [1034:0007-1164] 12/08/2015 05:44:58 PM  Agent Manager: Agent  error:   at lotus.domino.axis.transport.http.NotesSocket.<init>(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:58 PM  Agent Manager: Agent  error:   at lotus.domino.axis.transport.http.HTTPSender.getSocket(Unknown Source)
    [1034:0007-1164] 12/08/2015 05:44:58 PM  Agent Manager: Agent  error:   ... 15 more
    [1034:0005-11A0] 12/08/2015 05:44:58 PM  AMgr: Agent 's0001' in 'testweb.nsf' completed execution

Служба, к которой я подключаюсь, является сертификатом DigiCert SSL. Я попытался использовать Explorer и экспортировать файл .cer и импортировать его в каталог Domino, но безуспешно. Я также пытался импортировать его в cacerts, но это тоже ничего не делало.

Какие-либо предложения? Говард

Ответы на вопрос(2)

Ваш ответ на вопрос

Популярные вопросы

0 ответов

Задержка Handeling в транзакциях MySQL

0 ответов

как «закрепить» / прикрепить формы winforms

0 ответов

Как включить внешние jar в процесс сборки maven jar?

0 ответов

RetainCount ОК, чтобы использовать в этом случае?

0 ответов

Как на самом деле происходит системный вызов в Linux?