Apache CXF Exception in SSL communication: SocketTimeOut

后端 未结 1 1159
北恋
北恋 2021-02-06 06:07

So here\'s the deal. I have a web service WSDL that I need to make SOAP calls to outside my corporate network. The webservice is HTTPS SOAP, and requires a client certificate.

1条回答
  •  说谎
    说谎 (楼主)
    2021-02-06 06:42

    OMG! I figured it out.

    So I went traipsing through the interwebs and found this little gem:

    How to configure SoapUI with client certificate authentication

    And it references a very important note from Oracle/Sun:

    Transport Layer Security (TLS) Renegotiation Issue Readme

    Applications that receive a renegotiation request from the peer will respond according to the type of connection in place:

    TLSv1: A warning Alert message of type "no_renegotiation(100)" will be sent to the peer and the connection will remain open.

    then, further down:

    Renegotiations can be re-enabled for those applications that need it by setting the new system property sun.security.ssl.allowUnsafeRenegotiation to true before the JSSE library is initialized. There are several ways to set this property:

    1. Command Line:

      % java -Dsun.security.ssl.allowUnsafeRenegotiation=true Main

    2. Java Control Panel (Java Plug-in / Java Web Start) - Runtime Environment.

    3. Within the application:

      java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", true);

    Note that TLS/SSL renegotiation will not occur unless both client and server have enabled renegotiations.

    So the long and short of it? System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");

    And things. Just. Work.

    0 讨论(0)
提交回复
热议问题