You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-dev@xml.apache.org by Ed Keen <ed...@interactiveportal.com> on 2001/05/17 16:50:13 UTC
ssl: untrusted server cert chain
I am having problems getting a soap client to use ssl. My server is running
weblogic, and I can successfully connect to it using https on a browser. In
my client code, I have added these lines:
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
I also added jsse.jar to the classpath in both the client and the server.
But when I change the protocol to https on my client, I get the below error.
What am I missing?
Thanks,
Ed
-----------------------------------
java.lang.reflect.InvocationTargetException: javax.net.ssl.SSLException:
untrusted server cert chain
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-
120198])
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198
])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(OutputStream.java:61)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120
198])
at
org.apache.soap.util.net.SSLUtils.buildSSLSocket(SSLUtils.java:98)
at java.lang.reflect.Method.invoke(Native Method)
at
org.apache.soap.util.net.HTTPUtils.buildSocket(HTTPUtils.java:117)
at org.apache.soap.util.net.HTTPUtils.post(HTTPUtils.java:165)
at
org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.ja
va:208)
at org.apache.soap.rpc.Call.invoke(Call.java:203)
at com.iportal.iws.client.SoapClient.main(SoapClient.java:69)
Caught SOAPException (SOAP-ENV:Client): Error opening socket: null
Re: ssl: untrusted server cert chain
Posted by Ram Sadasiv <rs...@quantumstream.com>.
Ed,
JSSE does not automagically perform the certificate request/import which the
browser is doing. You need to request a server certificate from the SSL server,
and then import it into your JSSE key chain:
keytool -alias servername -import -keystore $JAVA_HOME/lib/security/cacerts
-file servercertificate.crt
where servername is the server you want to connect to, and servercertificate.crt
is the x509 certificate from that server. Once you have done that, your
https:// urls should open like a (slow) charm.
HTH,
Ram Sadasiv
Ed Keen wrote:
>
> I am having problems getting a soap client to use ssl. My server is running
> weblogic, and I can successfully connect to it using https on a browser. In
> my client code, I have added these lines:
>
> System.setProperty("java.protocol.handler.pkgs",
> "com.sun.net.ssl.internal.www.protocol");
> java.security.Security.addProvider(new
> com.sun.net.ssl.internal.ssl.Provider());
>
> I also added jsse.jar to the classpath in both the client and the server.
> But when I change the protocol to https on my client, I get the below error.
> What am I missing?
>
> Thanks,
> Ed
>
> -----------------------------------
> java.lang.reflect.InvocationTargetException: javax.net.ssl.SSLException:
> untrusted server cert chain
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-
> 120198])
> at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198
> ])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
> at java.io.OutputStream.write(OutputStream.java:61)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120
> 198])
> at
> org.apache.soap.util.net.SSLUtils.buildSSLSocket(SSLUtils.java:98)
> at java.lang.reflect.Method.invoke(Native Method)
> at
> org.apache.soap.util.net.HTTPUtils.buildSocket(HTTPUtils.java:117)
> at org.apache.soap.util.net.HTTPUtils.post(HTTPUtils.java:165)
> at
> org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.ja
> va:208)
> at org.apache.soap.rpc.Call.invoke(Call.java:203)
> at com.iportal.iws.client.SoapClient.main(SoapClient.java:69)
> Caught SOAPException (SOAP-ENV:Client): Error opening socket: null