• Installing Eclipse Plug-ins from an Update Site with a self-signed certificate


    If you try and connect to a p2 repository on a server with a self-signed cert, you will more than likely hit the following error.

    Looking closely at the log, and you will see:

    javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
     at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
     at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:150)
     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
     at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:575)
     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
     at org.eclipse.ecf.provider.filetransfer.httpclient4.HttpClientFileSystemBrowser.runRequest(HttpClientFileSystemBrowser.java:263)
     at org.eclipse.ecf.provider.filetransfer.browse.AbstractFileSystemBrowser$DirectoryJob.run(AbstractFileSystemBrowser.java:69)
     at org.eclipse.core.internal.jobs.Worker.run(Worker:53)

    Because this certificate was not issued by a ‘trusted’ source, and thus cannot be verified for authenticity, the transport layer rejects it.

    Solution:

    While Eclipse and p2 doesn’t offer any nice support out-of-the-box, you can easily get around this problem by installing the root certificate (or the certificate itself) into a truststore on your machine, and then use that truststore when starting Eclipse.

    To install a certificate into a custom trust store, simply:

    keytool -import -file D:GoagentlocalCA.crt -storepass changeit -keystore D:Javajrelibsecuritycacerts -alias goagent
    keytool -list -storepass changeit -keystore D:Javajrelibsecuritycacerts

    Now, when you start Eclipse, add the following arguments to your eclipse.ini file.

    -vm
    D:/Java/bin/javaw.exe
    -startup
    plugins/org.eclipse.equinox.launcher_1.3.0.v20120522-1813.jar
    --launcher.library
    plugins/org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20120522-1813
    -showsplash
    org.eclipse.platform
    --launcher.defaultAction
    openFile
    -vmargs
    -Xms512m
    -Xmx512m
    -XX:PermSize=256m
    -XX:MaxPermSize=256m
    -Dsun.lang.ClassLoader.allowArraySyntax=true
    
    -Djavax.net.ssl.trustStore=D:Javajrelibsecuritycacerts
    -Djavax.net.ssl.trustStorePassword=changeit

    When you connect to the update site (p2 repository), the transport layer will be able to validate the self-signed certificate. If the site requires authentication you will even be prompted for a username / password:

     

  • 相关阅读:
    网络攻击技术:SQL Injection(sql注入)
    人生若只如初见,何事秋风悲画扇
    TCPClient、TCPListener的用法
    C#中时间的Ticks属性
    string.Empty、" "、null 三者之间的区别
    telnet的使用解析
    public DataTable ExecuteQuery(string sql) 这段话具体意思
    C#中三层架构UI、BLL、DAL、Model详解(送给自学的初学者)
    数据库三层架构
    获取SQL Server数据库的表结构的做法
  • 原文地址:https://www.cnblogs.com/sos-blue/p/3515835.html
Copyright © 2020-2023  润新知