我有一个使用Java运行时的Azure函数,它使用NTLM安全性调用了REST API。我创建一个SSLContext对象,并使用它创建一个套接字。这在我的MacBook上本地完美运行。但是,当我部署到Azure Function App时,出现错误:javax.net.ssl.SSLException:连接已关闭:javax.net.ssl.SSLException:java.security.ProviderException:java.security.KeyException:密钥确实存在不存在。
该异常的堆栈跟踪为:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.security.ProviderException: java.security.KeyException: Key does not exist.
at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1551)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:95)
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.io.InputStreamReader.read(InputStreamReader.java:184)
at java.io.BufferedReader.fill(BufferedReader.java:161)
at java.io.BufferedReader.readLine(BufferedReader.java:324)
at java.io.BufferedReader.readLine(BufferedReader.java:389)
... 22 more
Caused by: java.security.ProviderException: java.security.KeyException: Key does not exist.
at sun.security.mscapi.RSACipher.doFinal(RSACipher.java:310)
at sun.security.mscapi.RSACipher.engineDoFinal(RSACipher.java:334)
at javax.crypto.Cipher.doFinal(Cipher.java:2164)
at java.security.Signature$CipherAdapter.engineVerify(Signature.java:1319)
at java.security.SignatureSpi.engineVerify(SignatureSpi.java:278)
at java.security.Signature$Delegate.engineVerify(Signature.java:1228)
at java.security.Signature.verify(Signature.java:704)
at sun.security.ssl.RSASignature.engineVerify(RSASignature.java:182)
at sun.security.ssl.RSASignature.engineVerify(RSASignature.java:175)
at java.security.Signature$Delegate.engineVerify(Signature.java:1222)
at java.security.Signature.verify(Signature.java:655)
at sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:1118)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:284)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
public static String makeGetRequestLinux(String route, String hostIp, int hostPort, String username, String password, String domain, String workstation)
throws InterruptedException, IOException, NoSuchAlgorithmException, KeyManagementException {
String url = route;
String NEG_HEADER = "WWW-Authenticate: Negotiate";
StringBuilder body = new StringBuilder();
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
HostnameVerifier hv = (String hostname, SSLSession session) -> true;
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
SSLSocket s = (SSLSocket) sc.getSocketFactory().createSocket(hostIp, hostPort);
PrintWriter pw = new PrintWriter(s.getOutputStream());
pw.print("GET " + url + " HTTP/1.1\r\n");
pw.print("Host: " + hostIp + "\r\n");
pw.print("Authorization: Negotiate " + NtlmEngine.INSTANCE.generateType1Msg() + "\r\n\r\n");
pw.flush();
String challenge = null;
try (BufferedReader br = new BufferedReader(new InputStreamReader(s.getInputStream()))) {
String t;
while ((t = br.readLine()) != null) {
if (t.startsWith(NEG_HEADER)) {
String parts[] = t.split("\\s+");
challenge = parts[2];
}
if (t.trim().length() < 4) {
break;
}
}
String msg3 = NtlmEngine.INSTANCE.generateType3Msg(username, password, domain,
workstation, challenge);
pw.print("GET " + url + " HTTP/1.1\r\n");
pw.print("Host: " + hostIp + "\r\n");
pw.print("Authorization: Negotiate " + msg3 + "\r\n\r\n");
pw.flush();
int blank = 0;
while ((t = br.readLine()) != null) {
if (t.trim().length() < 1) {
blank++;
}
if (blank > 1) {
break;
}
if (blank == 1) {
body.append(t);
body.append("\n");
}
}
br.close();
pw.close();
s.close();
return body.toString();
} catch (Exception ex) {
throw ex;
}
}