Conexão com SSL e certificado PKCS11 - Javafree: O fórum de Java que mais cresce

cleverson
Posts:67

Publicado em: 04/11/2011 14:49:57

Ola estou tentando criar uma conexão SSL com certificado PKCS11,
e não estou encontrando a solução de um erro:

Segue o código:

package test; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.MalformedURLException; import java.net.URL; import java.security.cert.Certificate; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.Provider; import java.security.PublicKey; import java.security.SecureRandom; import java.security.Security; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.util.Enumeration; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; /** * * @author Cleverson */ public class StatusServicoCTe { public StatusServicoCTe() { try { String config = "name=SmartCard\n"; config += "library=C:\Windows\System32\aetpkss1.dll\n"; Provider provider = new sun.security.pkcs11.SunPKCS11(new ByteArrayInputStream(config.getBytes())); Security.addProvider(provider); char[] password = "Senha do Certificado".toCharArray(); KeyStore keyStore = KeyStore.getInstance("PKCS11"); keyStore.load(null, password); Enumeration aliases = keyStore.aliases(); while (aliases.hasMoreElements()) { String alias = (String) aliases.nextElement(); Certificate certificate = keyStore.getCertificate(alias); PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password); PublicKey publicKey = certificate.getPublicKey(); System.out.println(alias); System.out.println(privateKey); System.out.println(publicKey); //System.out.println(certificate); } String xml = statusServicoXml(); String address = "https://homologacao.cte.sefaz.rs.gov.br/ws/ctestatusservico/ctestatusservico.asmx"; HttpsURLConnection connection = (HttpsURLConnection) new URL(address).openConnection(); String algorithm = KeyManagerFactory.getDefaultAlgorithm(); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm); keyManagerFactory.init(keyStore, password); KeyManager[] keyManagers = keyManagerFactory.getKeyManagers(); SSLContext context = SSLContext.getInstance("SSL"); context.init(keyManagers, null, new SecureRandom()); connection.setSSLSocketFactory(context.getSocketFactory()); connection.connect(); System.out.println(connection.getResponseCode() + " - " + connection.getResponseMessage()); OutputStream output = connection.getOutputStream(); InputStream input = connection.getInputStream(); output.write(xml.getBytes()); output.flush(); StringBuilder builder = new StringBuilder(); int value = 0; while ((value = input.read()) != -1) { builder.append((char) value); } System.out.println(new String(builder)); connection.disconnect(); } catch (CertificateException e) { e.printStackTrace(); } catch (MalformedURLException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (UnrecoverableKeyException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } } private String statusServicoXml() { StringBuilder builder = new StringBuilder(); builder.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"); builder.append("<soap12:Envelope xmlns<img src="http://javafree.uol.com.br/forum/images/smiles/icon_mad.gif">si=\"<a target="_blank" href="http://www.w3.org/2001/XMLSchema-instance\"">http://www.w3.org/2001/XMLSchema-instance\"</a> xmlns<img src="http://javafree.uol.com.br/forum/images/smiles/icon_mad.gif">sd=\"<a target="_blank" href="http://www.w3.org/2001/XMLSchema\"">http://www.w3.org/2001/XMLSchema\"</a> xmlns:soap12=\"<a target="_blank" href="http://www.w3.org/2003/05/soap-envelope\">");">http://www.w3.org/2003/05/soap-envelope\">");</a> builder.append("<soap12:Header>"); builder.append("<cteCabecMsg xmlns=\"<a target="_blank" href="http://www.portalfiscal.inf.br/cte/wsdl/CteStatusServico\">");">http://www.portalfiscal.inf.br/cte/wsdl/CteStatusServico\">");</a> builder.append("<cUF>41</cUF>"); builder.append("<versaoDados>1.03</versaoDados>"); builder.append("</cteCabecMsg>"); builder.append("</soap12:Header>"); builder.append("<soap12:Body>"); builder.append("<cteDadosMsg xmlns=\"<a target="_blank" href="http://www.portalfiscal.inf.br/cte/wsdl/CteStatusServico\">");">http://www.portalfiscal.inf.br/cte/wsdl/CteStatusServico\">");</a> builder.append("<consStatServCte xmlns=\"<a target="_blank" href="http://www.portalfiscal.inf.br/cte\"">http://www.portalfiscal.inf.br/cte\"</a> versao=\"1.03\">"); builder.append("<tpAmb>2</tpAmb>"); builder.append("<xServ>STATUS</xServ>"); builder.append("</consStatServCte>"); builder.append("</cteDadosMsg>"); builder.append("</soap12:Body>"); builder.append("</soap12:Envelope>"); return new String(builder); } }

A exessão que ocorre é a seguinte:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133) at test.StatusServicoCTe.<init>(StatusServicoCTe.java:84) at main.Main.main(Main.java:17) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) at sun.security.validator.Validator.validate(Validator.java:21<img src="http://javafree.uol.com.br/forum/images/smiles/icon_cool.gif"> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954) ... 12 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:23<img src="http://javafree.uol.com.br/forum/images/smiles/icon_cool.gif"> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280) ... 18 more

Relacionados

Escrita de diferentes classes formatadas
http://javafree.uol.com.br/topic-890535-Escrita-de-diferentes-classes-formatadas.html

Classes POJO, Hibernate e Banco de Dados
http://javafree.uol.com.br/topic-890594-Classes-POJO-Hibernate-e-Banco-de-Dados.html

[RESOLVIDO]<p:fileUpload - Erro
http://javafree.uol.com.br/topic-890604-RESOLVIDOltp-fileUpload-Erro.html

JTable editável [RESOLVIDO]
http://javafree.uol.com.br/topic-859561-JTable-editavel-RESOLVIDO.html

cannot find symbol symbol: method name() Bean
http://javafree.uol.com.br/topic-890618-cannot-find-symbol--symbol--method-name-Bean.html