我正在尝试对安全(HTTPS)第三方站点进行HTTP调用,但失败并出现以下错误:
I / O异常:java.security.NoSuchAlgorithmException:构造实现时出错(算法:默认,提供程序:SunJSSE,类:sun.security.ssl.SSLContextImpl $ DefaultSSLContext)
搜索该错误会带来一些答案,指出需要在正在使用的密钥库中安装证书。但是,我尝试访问的站点正在使用来自已受信任的Entrust根权限的证书。此外,当安全性放宽时,它也可以正常工作。见下文。
我正在Java 1.8(Windows Server)上运行Adobe ColdFusion 11。与此不同的是,如果我关闭ColdFusion的“沙箱安全性”设置,则连接可以正常工作。因此,显然,启用该设置后,某些内容被阻止了。我很难找到允许它工作的条件。有人遇到过这个问题吗?在启用沙箱安全性的情况下尝试与任何安全站点连接时,似乎会发生这种情况。
这是一个小的测试用例,可以看到问题。在未启用沙箱安全性的情况下先尝试。然后再次启用沙箱安全性。它也会对你失败吗?
<cftry>
<cfhttp url="https://www.bing.com/" method="get" timeout="30"></cfhttp>
<cfdump var="#cfhttp#">
<cfcatch type="any">
<cfdump var="#cfcatch#">
</cfcatch>
</cftry>
服务器上可能存在其他一些安全限制。不过目前,如果我关闭沙盒安全性,它将起作用。那使我相信,其他任何服务器安全性都不是原因。
添加服务器类路径信息。请注意,我添加了换行符以提高可读性:
E:/ColdFusion11/cfusion/lib/updates/chf11000015.jar;
E:/ColdFusion11/cfusion/lib/activemq-core-5.7.0.jar;
E:/ColdFusion11/cfusion/lib/ant-launcher.jar;
E:/ColdFusion11/cfusion/lib/ant.jar;
E:/ColdFusion11/cfusion/lib/antisamy-1.5.7.jar;
E:/ColdFusion11/cfusion/lib/antlr-2.7.6.jar;
E:/ColdFusion11/cfusion/lib/apache-solr-core.jar;
E:/ColdFusion11/cfusion/lib/apache-solr-solrj.jar;
E:/ColdFusion11/cfusion/lib/asm-all-5.0.4.jar;
E:/ColdFusion11/cfusion/lib/asn1.jar;
E:/ColdFusion11/cfusion/lib/axis.jar;
E:/ColdFusion11/cfusion/lib/batik-css.jar;
E:/ColdFusion11/cfusion/lib/batik-ext.jar;
E:/ColdFusion11/cfusion/lib/batik-util.jar;
E:/ColdFusion11/cfusion/lib/bcel-5.1-jnbridge.jar;
E:/ColdFusion11/cfusion/lib/bcel.jar;
E:/ColdFusion11/cfusion/lib/bcmail-jdk14-139.jar;
E:/ColdFusion11/cfusion/lib/bcprov-jdk14-139.jar;
E:/ColdFusion11/cfusion/lib/cdo.jar;
E:/ColdFusion11/cfusion/lib/cdohost.jar;
E:/ColdFusion11/cfusion/lib/certj.jar;
E:/ColdFusion11/cfusion/lib/certjWithNative.jar;
E:/ColdFusion11/cfusion/lib/cf-acrobat.jar;
E:/ColdFusion11/cfusion/lib/cf-assembler.jar;
E:/ColdFusion11/cfusion/lib/cf-lib1882801355.jar;
E:/ColdFusion11/cfusion/lib/cf-logging.jar;
E:/ColdFusion11/cfusion/lib/cf4was.jar;
E:/ColdFusion11/cfusion/lib/cf4was_ae.jar;
E:/ColdFusion11/cfusion/lib/cfusion-req.jar;
E:/ColdFusion11/cfusion/lib/cfusion.jar;
E:/ColdFusion11/cfusion/lib/chart.jar;
E:/ColdFusion11/cfusion/lib/clibwrapper_jiio.jar;
E:/ColdFusion11/cfusion/lib/closure-compiler.jar;
E:/ColdFusion11/cfusion/lib/commons-beanutils-1.9.3.jar;
E:/ColdFusion11/cfusion/lib/commons-codec-1.6.jar;
E:/ColdFusion11/cfusion/lib/commons-collections-3.2.2.jar;
E:/ColdFusion11/cfusion/lib/commons-compress-1.9.jar;
E:/ColdFusion11/cfusion/lib/commons-digester-2.0.jar;
E:/ColdFusion11/cfusion/lib/commons-discovery-0.4.jar;
E:/ColdFusion11/cfusion/lib/commons-httpclient-3.1.jar;
E:/ColdFusion11/cfusion/lib/commons-lang-2.4.jar;
E:/ColdFusion11/cfusion/lib/commons-logging-1.1.3.jar;
E:/ColdFusion11/cfusion/lib/commons-logging-1.2.jar;
E:/ColdFusion11/cfusion/lib/commons-logging-api-1.1.1.jar;
E:/ColdFusion11/cfusion/lib/commons-net-3.4.jar;
E:/ColdFusion11/cfusion/lib/commons-vfs2-2.0.jar;
E:/ColdFusion11/cfusion/lib/crystal.jar;
E:/ColdFusion11/cfusion/lib/derby.jar;
E:/ColdFusion11/cfusion/lib/derbyclient.jar;
E:/ColdFusion11/cfusion/lib/derbynet.jar;
E:/ColdFusion11/cfusion/lib/derbyrun.jar;
E:/ColdFusion11/cfusion/lib/derbytools.jar;
E:/ColdFusion11/cfusion/lib/dom4j-1.6.1.jar;
E:/ColdFusion11/cfusion/lib/dpHibernate.jar;
E:/ColdFusion11/cfusion/lib/ehcache-core-2.6.6.jar;
E:/ColdFusion11/cfusion/lib/ehcache-web-2.0.4.jar;
E:/ColdFusion11/cfusion/lib/esapi-2.0.1.jar;
E:/ColdFusion11/cfusion/lib/EWSAPI-1.1.5.jar;
E:/ColdFusion11/cfusion/lib/FCSj.jar;
E:/ColdFusion11/cfusion/lib/flashgateway.jar;
E:/ColdFusion11/cfusion/lib/flex-messaging-common.jar;
E:/ColdFusion11/cfusion/lib/flex-messaging-core.jar;
E:/ColdFusion11/cfusion/lib/flex-messaging-opt.jar;
E:/ColdFusion11/cfusion/lib/flex-messaging-proxy.jar;
E:/ColdFusion11/cfusion/lib/flex-messaging-remoting.jar;
E:/ColdFusion11/cfusion/lib/flex-rds-server.jar;
E:/ColdFusion11/cfusion/lib/fluent-hc-4.3.5.jar;
E:/ColdFusion11/cfusion/lib/fluent-hc-4.5.2.jar;
E:/ColdFusion11/cfusion/lib/geronimo-stax-api_1.0_spec-1.0.1.jar;
E:/ColdFusion11/cfusion/lib/hibernate-commons-annotations-4.0.1.Final.jar;
E:/ColdFusion11/cfusion/lib/hibernate-core-4.1.10.Final.jar;
E:/ColdFusion11/cfusion/lib/hibernate-ehcache-4.1.10.Final.jar;
E:/ColdFusion11/cfusion/lib/hibernate-jpa-2.0-api-1.0.1.Final.jar;
E:/ColdFusion11/cfusion/lib/httpclient-4.5.2.jar;
E:/ColdFusion11/cfusion/lib/httpclient-cache-4.5.2.jar;
E:/ColdFusion11/cfusion/lib/httpcore-4.4.4.jar;
E:/ColdFusion11/cfusion/lib/httpmime-4.5.2.jar;
E:/ColdFusion11/cfusion/lib/ib6addonpatch.jar;
E:/ColdFusion11/cfusion/lib/ib6core.jar;
E:/ColdFusion11/cfusion/lib/ib6http.jar;
E:/ColdFusion11/cfusion/lib/ib6https.jar;
E:/ColdFusion11/cfusion/lib/ib6swing.jar;
E:/ColdFusion11/cfusion/lib/ib6util.jar;
E:/ColdFusion11/cfusion/lib/icu4j-52_1.jar;
E:/ColdFusion11/cfusion/lib/im.jar;
E:/ColdFusion11/cfusion/lib/iText.jar;
E:/ColdFusion11/cfusion/lib/iTextAsian.jar;
E:/ColdFusion11/cfusion/lib/izmado.jar;
E:/ColdFusion11/cfusion/lib/jai_codec.jar;
E:/ColdFusion11/cfusion/lib/jai_core.jar;
E:/ColdFusion11/cfusion/lib/jai_imageio.jar;
E:/ColdFusion11/cfusion/lib/jakarta-oro-2.0.6.jar;
E:/ColdFusion11/cfusion/lib/jakarta-slide-webdavlib-2.1.jar;
E:/ColdFusion11/cfusion/lib/java-xmlbuilder-0.4.jar;
E:/ColdFusion11/cfusion/lib/javasysmon-0.3.3.jar;
E:/ColdFusion11/cfusion/lib/jax-qname.jar;
E:/ColdFusion11/cfusion/lib/jaxb-api.jar;
E:/ColdFusion11/cfusion/lib/jaxb-impl.jar;
E:/ColdFusion11/cfusion/lib/jaxb-libs.jar;
E:/ColdFusion11/cfusion/lib/jaxb-xjc.jar;
E:/ColdFusion11/cfusion/lib/jaxrpc.jar;
E:/ColdFusion11/cfusion/lib/jboss-logging-3.1.0.GA.jar;
E:/ColdFusion11/cfusion/lib/jcifs-1.3.15.jar;
E:/ColdFusion11/cfusion/lib/jdom.jar;
E:/ColdFusion11/cfusion/lib/jeb.jar;
E:/ColdFusion11/cfusion/lib/jempbox-1.8.3.jar;
E:/ColdFusion11/cfusion/lib/jersey-core.jar;
E:/ColdFusion11/cfusion/lib/jersey-server.jar;
E:/ColdFusion11/cfusion/lib/jersey-servlet.jar;
E:/ColdFusion11/cfusion/lib/jets3t-0.8.1.jar;
E:/ColdFusion11/cfusion/lib/jetty-continuation-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-http-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-io-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-security-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-server-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-servlet-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-servlets-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-util-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jetty-xml-9.0.7.v20131107.jar;
E:/ColdFusion11/cfusion/lib/jgroups-2.9.0.GA.jar;
E:/ColdFusion11/cfusion/lib/jintegra.jar;
E:/ColdFusion11/cfusion/lib/jms.jar;
E:/ColdFusion11/cfusion/lib/jnbcore.jar;
E:/ColdFusion11/cfusion/lib/jpedal.jar;
E:/ColdFusion11/cfusion/lib/js.jar;
E:/ColdFusion11/cfusion/lib/jsch-0.1.54.jar;
E:/ColdFusion11/cfusion/lib/jsr107cache.jar;
E:/ColdFusion11/cfusion/lib/jsr311-api-1.1.1.jar;
E:/ColdFusion11/cfusion/lib/jta.jar;
E:/ColdFusion11/cfusion/lib/jutf7-0.9.0.jar;
E:/ColdFusion11/cfusion/lib/ldap.jar;
E:/ColdFusion11/cfusion/lib/ldapbp.jar;
E:/ColdFusion11/cfusion/lib/log4j-1.2.15.jar;
E:/ColdFusion11/cfusion/lib/lucene-analyzers-3.4.0.jar;
E:/ColdFusion11/cfusion/lib/lucene-core-3.4.0.jar;
E:/ColdFusion11/cfusion/lib/lucene-highlighter-3.4.0.jar;
E:/ColdFusion11/cfusion/lib/lucene-memory-3.4.0.jar;
E:/ColdFusion11/cfusion/lib/lucenedemo.jar;
E:/ColdFusion11/cfusion/lib/macromedia_drivers.jar;
E:/ColdFusion11/cfusion/lib/mail.jar;
E:/ColdFusion11/cfusion/lib/metadata-extractor-2.8.1.jar;
E:/ColdFusion11/cfusion/lib/mlibwrapper_jai.jar;
E:/ColdFusion11/cfusion/lib/msapps.jar;
E:/ColdFusion11/cfusion/lib/namespace.jar;
E:/ColdFusion11/cfusion/lib/nekohtml-1.9.22.jar;
E:/ColdFusion11/cfusion/lib/netty-3.5.8.Final.jar;
E:/ColdFusion11/cfusion/lib/ooxml-schemas.jar;
E:/ColdFusion11/cfusion/lib/pdfencryption.jar;
E:/ColdFusion11/cfusion/lib/poi-contrib.jar;
E:/ColdFusion11/cfusion/lib/poi-ooxml-schemas.jar;
E:/ColdFusion11/cfusion/lib/poi-ooxml.jar;
E:/ColdFusion11/cfusion/lib/poi-scratchpad.jar;
E:/ColdFusion11/cfusion/lib/poi.jar;
E:/ColdFusion11/cfusion/lib/portlet_20.jar;
E:/ColdFusion11/cfusion/lib/postgresql-9.3-1101.jdbc41.jar;
E:/ColdFusion11/cfusion/lib/quartz.jar;
E:/ColdFusion11/cfusion/lib/relaxngDatatype.jar;
E:/ColdFusion11/cfusion/lib/ri_generic.jar;
E:/ColdFusion11/cfusion/lib/rome-cf.jar;
E:/ColdFusion11/cfusion/lib/saaj.jar;
E:/ColdFusion11/cfusion/lib/saxon9he.jar;
E:/ColdFusion11/cfusion/lib/serializer.jar;
E:/ColdFusion11/cfusion/lib/slf4j-api-1.5.6.jar;
E:/ColdFusion11/cfusion/lib/slf4j-log4j12-1.5.6.jar;
E:/ColdFusion11/cfusion/lib/smack.jar;
E:/ColdFusion11/cfusion/lib/smpp.jar;
E:/ColdFusion11/cfusion/lib/STComm.jar;
E:/ColdFusion11/cfusion/lib/tagsoup-1.2.jar;
E:/ColdFusion11/cfusion/lib/threaddump.jar;
E:/ColdFusion11/cfusion/lib/tika-core.jar;
E:/ColdFusion11/cfusion/lib/tika-parsers.jar;
E:/ColdFusion11/cfusion/lib/tools.jar;
E:/ColdFusion11/cfusion/lib/tt-bytecode.jar;
E:/ColdFusion11/cfusion/lib/wsdl4j-1.6.2.jar;
E:/ColdFusion11/cfusion/lib/wsproxyconfig.jar;
E:/ColdFusion11/cfusion/lib/wsrp4j-commons-0.5-SNAPSHOT.jar;
E:/ColdFusion11/cfusion/lib/wsrp4j-producer.jar;
E:/ColdFusion11/cfusion/lib/xalan.jar;
E:/ColdFusion11/cfusion/lib/xercesImpl.jar;
E:/ColdFusion11/cfusion/lib/xml-apis-ext.jar;
E:/ColdFusion11/cfusion/lib/xml-apis.jar;
E:/ColdFusion11/cfusion/lib/xmlbeans-2.3.0.jar;
E:/ColdFusion11/cfusion/lib/xmpcore-6.0.6.jar;
E:/ColdFusion11/cfusion/lib/xmpcore.jar;
E:/ColdFusion11/cfusion/lib/xsdlib.jar;
E:/ColdFusion11/cfusion/lib/zip4j_1.3.1_cf.jar;
E:/ColdFusion11/cfusion/lib/;
E:/ColdFusion11/cfusion/lib/axis2/axiom-api-1.2.13.jar;
E:/ColdFusion11/cfusion/lib/axis2/axiom-dom-1.2.13.jar;
E:/ColdFusion11/cfusion/lib/axis2/axiom-impl-1.2.13.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-adb-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-adb-codegen-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-codegen-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-jaxws-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-kernel-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-transport-http-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/axis2-transport-local-1.7.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/commons-fileupload-1.2.jar;
E:/ColdFusion11/cfusion/lib/axis2/commons-io-1.4.jar;
E:/ColdFusion11/cfusion/lib/axis2/geronimo-ws-metadata_2.0_spec-1.1.2.jar;
E:/ColdFusion11/cfusion/lib/axis2/httpcore-4.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/neethi-3.0.2.jar;
E:/ColdFusion11/cfusion/lib/axis2/woden-api-1.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/woden-impl-commons-1.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/woden-impl-dom-1.0.jar;
E:/ColdFusion11/cfusion/lib/axis2/wsdl4j-1.6.2.jar;
E:/ColdFusion11/cfusion/lib/axis2/wstx-asl-3.2.9.jar;
E:/ColdFusion11/cfusion/lib/axis2/XmlSchema-1.4.8.jar;
E:/ColdFusion11/cfusion/lib/axis2/;
E:/ColdFusion11/cfusion/gateway/lib/examples.jar;
E:/ColdFusion11/cfusion/gateway/lib/;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/flex/jars/cfgatewayadapter.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/flex/jars/concurrent.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/flex/jars/;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/batik-awt-util.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/batik-css.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/batik-ext.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/batik-transcoder.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/batik-util.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/commons-discovery.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/commons-logging.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/concurrent.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/flex.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/jakarta-oro-2.0.7.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/jcert.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/jnet.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/jsse.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/oscache.jar;
E:/ColdFusion11/cfusion/wwwroot/WEB-INF/cfform/jars/;
答案 0 :(得分:0)
在CF管理服务器类路径中的系统信息下,尝试添加此文件(看起来可能很荒谬):
E:/ ColdFusion11 / cfusion / lib;
答案 1 :(得分:0)
我通过为我的ColdFusion应用程序授予对沙箱中以下目录路径的“读取”访问权限来启用ColdFusion沙箱安全性的HTTPS请求:
C:\Program Files\Java\ [read]
C:\Program Files\Java\- [read]
E:\ColdFusion11\cfusion\wwwroot\WEB-INF\lib\ [read]
E:\ColdFusion11\cfusion\wwwroot\WEB-INF\lib\- [read]
WEB-INF\lib目录包含几个“ crypto” jar文件,因此很有意义。我运行的Java版本比ColdFusion随附的Java版本新,因此JVM的位置已更改。因此,将路径添加到JVM也很有意义。我将权限添加到父文件夹C:\Program Files\Java中,以避免每次Java软件更新时都需要更改此权限(每个版本都有其自己的带有版本号的文件夹)。只是读访问权限,所以我认为可以。
我不必将任何证书导入密钥库或添加/更新任何jar。我只需要将这些其他路径添加到沙箱安全设置即可,现在可以使用了。