You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Dhananjay Makwana <ma...@semandex.net> on 2006/07/25 16:28:00 UTC
RE: [Axis2]: accept/handle HTTPS (SSL) self-signed certificate
Resending following the "Mailing Guidelines". I am not sure whether this is
the right forum but figured I will try here first.
Your help is much appreciated,
-Jay
> -----Original Message-----
> From: Dhananjay Makwana [mailto:makwana@semandex.net]
> Sent: Monday, July 24, 2006 5:46 PM
> To: axis-user@ws.apache.org
> Cc: My Self
> Subject: axis2: accept/handle HTTPS (SSL) self-signed certificate
>
> Hi,
>
> I am writing a client to a web service that is running over HTTPS/SSL and
> is
> using self-signed certificate. I am using axis2 version 1.0 and am getting
> "sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find
> valid certification path to requested target". The complete stack trace is
> below.
>
> Now on commons httpclient site they mention that (from
> http://jakarta.apache.org/commons/httpclient/sslguide.html) :
> The default behaviour of HttpClient is suitable for most uses, however
> there
> are some aspects which you may want to configure. The most common
> requirements for customizing SSL are:
>
> * Ability to accept self-signed or untrusted SSL certificates. This is
> highlighted by an SSLException with the message Unrecognized SSL handshake
> (or similar) being thrown when a connection attempt is made.
> * You want to use a third party SSL library instead of Sun's default
> implementation.
>
>
>
> So, I am wondering as to whether there is any support in axis2 for doing
> this. I know there is a way to get the certificate and import it into
> local
> keystore/truststore using "keytool" tool from Sun but that is my last
> option.
>
> Thanks in advance.
>
> -Jay
>
> Exception trace:
> 15:46:06,949 DEBUG [org.apache.commons.httpclient.HttpMethodDirector]
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMeth
> od
> Director.java:378) Attempt number 1 to process request
> 15:47:01,589 DEBUG [org.apache.commons.httpclient.HttpMethodDirector]
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMeth
> od
> Director.java:403) Closing the connection.
> 15:47:22,730 INFO [org.apache.commons.httpclient.HttpMethodDirector]
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMeth
> od
> Director.java:438) I/O exception (org.apache.axis2.AxisFault) caught when
> processing request: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target; nested
> exception is:
> com.ctc.wstx.exc.WstxIOException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> 15:47:26,902 DEBUG [org.apache.commons.httpclient.HttpMethodDirector]
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMeth
> od
> Director.java:442) sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target; nested
> exception is:
> com.ctc.wstx.exc.WstxIOException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> org.apache.axis2.AxisFault: sun.security.validator.ValidatorException:
> PKIX
> path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target; nested exception is:
> com.ctc.wstx.exc.WstxIOException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at
> org.apache.axis2.transport.http.SOAPOverHTTPSender$AxisSOAPRequestEntity.w
> ri
> teRequest(SOAPOverHTTPSender.java:194)
> at
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBo
> dy
> (EntityEnclosingMethod.java:495)
> at
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.j
> av
> a:1973)
> at
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:9
> 93
> )
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMeth
> od
> Director.java:397)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodD
> ir
> ector.java:170)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396
> )
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346
> )
> at
> org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractH
> TT
> PSender.java:530)
> at
> org.apache.axis2.transport.http.SOAPOverHTTPSender.send(SOAPOverHTTPSender
> .j
> ava:92)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWit
> hC
> ommons(CommonsHTTPTransportSender.java:299)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsH
> TT
> PTransportSender.java:207)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:589)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperat
> io
> n.java:328)
> at
> org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOpe
> ra
> tion.java:279)
> at
> net.semandex.adaptor.seaweb.webservice.QPS_x0020_Influx_x0020_GatewayStub.
> Ge
> tTargetsInArea(QPS_x0020_Influx_x0020_GatewayStub.java:637)
> at
> net.semandex.adaptor.seaweb.webservice.WebServiceTestCase.testGetTargetsIn
> Ar
> ea(WebServiceTestCase.java:203)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 39
> )
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm
> pl
> .java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTest
> Ru
> nner.java:478)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunne
> r.
> java:344)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunn
> er
> .java:196)
> Caused by: com.ctc.wstx.exc.WstxIOException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at
> com.ctc.wstx.sw.BaseStreamWriter.safeFlushStream(BaseStreamWriter.java:143
> 9)
> at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
> at
> org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.jav
> a:
> 119)
> at
> org.apache.axiom.om.impl.llom.OMNodeImpl.serializeAndConsume(OMNodeImpl.ja
> va
> :382)
> at
> org.apache.axis2.transport.http.SOAPOverHTTPSender$AxisSOAPRequestEntity.h
> an
> dleOMOutput(SOAPOverHTTPSender.java:145)
> at
> org.apache.axis2.transport.http.SOAPOverHTTPSender$AxisSOAPRequestEntity.w
> ri
> teRequest(SOAPOverHTTPSender.java:180)
> ... 29 more
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHand
> sh
> aker.java:847)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandsha
> ke
> r.java:106)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433
> )
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:8
> 15
> )
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSock
> et
> Impl.java:1025)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:
> 61
> 9)
> at
> com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59
> )
> at
> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> at
> org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStrea
> m.
> java:190)
> at
> sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:410)
> at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
> at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
> at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> at
> com.ctc.wstx.sw.BaseStreamWriter.flushStream(BaseStreamWriter.java:1430)
> at
> com.ctc.wstx.sw.BaseStreamWriter.safeFlushStream(BaseStreamWriter.java:143
> 7)
> ... 34 more
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
> at
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
> at
> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145
> )
> at sun.security.validator.Validator.validate(Validator.java:203)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509T
> ru
> stManagerImpl.java:172)
> at
> com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLCo
> nt
> extImpl.java:320)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHand
> sh
> aker.java:840)
> ... 50 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathB
> ui
> lder.java:236)
> at
> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
> at
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
> ... 55 more
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org