You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Zach Calvert <za...@gmail.com> on 2011/01/11 21:18:34 UTC
Accept Self-Signed Certificate
I am writing internal test code chatting to an internal test server
with a self signed certificate. The team is distributed and I am not
an admin on our build servers so I cannot install the certificate into
the certificate chain (can't do this on other developer machines
anyway). The idea is that I need to be able to execute SOAP APIs
built using the mvn plugin for wsdl2code and the abd bindings (not
XMLBeans). The server will not accept clear port SOAP commands for
authentication, but we are entirely willing to accept
man-in-the-middle attacks as a risk since we're executing code on an
internally managed network and this is not public facing code.
I have searched the mailing lists, documentation, and various
blogs/dev wikis and cannot find the answer. I have tried the old
flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
(http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
this does not work with the new flavor of Axis. I have also tried
setting the default trust site manager to accept all certificates
(http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
but AXIS seems to use its own flavor from the Protocol classes. I
then tried overriding the Protocol using the sample code provided at
http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
to work and still gets me a
Exception in thread "main" org.apache.axis2.AxisFault:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
at ZachTest.main(ZachTest.java:188)
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
... 18 more
Caused by: sun.security.validator.ValidatorException: PKIX path
building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
... 29 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 35 more
Is there ANY support to override SSL validation for Apache AXIS SOAP
calls using wsdl2java generated code?
Thanks,
Zach
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
RE: Accept Self-Signed Certificate
Posted by "Yashwanth Rajaram -X (yrajaram - Zensar at Cisco)" <yr...@cisco.com>.
This blog should be helpful: http://blogs.sun.com/andreas/entry/no_more_unable_to_find
-----Original Message-----
From: Asen [mailto:asen.m.asenov@gmail.com]
Sent: Friday, January 14, 2011 7:24 AM
To: java-user@axis.apache.org
Cc: axis-user@ws.apache.org
Subject: Re: Accept Self-Signed Certificate
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
You will need to accept the foreign server certificate in your java.security.
On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com> wrote:
> I am writing internal test code chatting to an internal test server
> with a self signed certificate. The team is distributed and I am not
> an admin on our build servers so I cannot install the certificate into
> the certificate chain (can't do this on other developer machines
> anyway). The idea is that I need to be able to execute SOAP APIs
> built using the mvn plugin for wsdl2code and the abd bindings (not
> XMLBeans). The server will not accept clear port SOAP commands for
> authentication, but we are entirely willing to accept
> man-in-the-middle attacks as a risk since we're executing code on an
> internally managed network and this is not public facing code.
>
> I have searched the mailing lists, documentation, and various
> blogs/dev wikis and cannot find the answer. I have tried the old
> flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
> (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
> this does not work with the new flavor of Axis. I have also tried
> setting the default trust site manager to accept all certificates
> (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
> but AXIS seems to use its own flavor from the Protocol classes. I
> then tried overriding the Protocol using the sample code provided at
> http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
> to work and still gets me a
> Exception in thread "main" org.apache.axis2.AxisFault:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
> at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
> at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
> at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> at vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
> at ZachTest.main(ZachTest.java:188)
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
> at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
> at java.io.BufferedOutputStream.flush(Unknown Source)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
> ... 18 more
> Caused by: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
> at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
> at sun.security.validator.Validator.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> ... 29 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
> Source)
> at java.security.cert.CertPathBuilder.build(Unknown Source)
> ... 35 more
>
>
> Is there ANY support to override SSL validation for Apache AXIS SOAP
> calls using wsdl2java generated code?
>
>
>
> Thanks,
> Zach
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: Accept Self-Signed Certificate
Posted by Asen <as...@gmail.com>.
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
You will need to accept the foreign server certificate in your java.security.
On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com> wrote:
> I am writing internal test code chatting to an internal test server
> with a self signed certificate. The team is distributed and I am not
> an admin on our build servers so I cannot install the certificate into
> the certificate chain (can't do this on other developer machines
> anyway). The idea is that I need to be able to execute SOAP APIs
> built using the mvn plugin for wsdl2code and the abd bindings (not
> XMLBeans). The server will not accept clear port SOAP commands for
> authentication, but we are entirely willing to accept
> man-in-the-middle attacks as a risk since we're executing code on an
> internally managed network and this is not public facing code.
>
> I have searched the mailing lists, documentation, and various
> blogs/dev wikis and cannot find the answer. I have tried the old
> flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
> (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
> this does not work with the new flavor of Axis. I have also tried
> setting the default trust site manager to accept all certificates
> (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
> but AXIS seems to use its own flavor from the Protocol classes. I
> then tried overriding the Protocol using the sample code provided at
> http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
> to work and still gets me a
> Exception in thread "main" org.apache.axis2.AxisFault:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
> at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
> at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
> at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> at vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
> at ZachTest.main(ZachTest.java:188)
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
> at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
> at java.io.BufferedOutputStream.flush(Unknown Source)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
> ... 18 more
> Caused by: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
> at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
> at sun.security.validator.Validator.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> ... 29 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
> Source)
> at java.security.cert.CertPathBuilder.build(Unknown Source)
> ... 35 more
>
>
> Is there ANY support to override SSL validation for Apache AXIS SOAP
> calls using wsdl2java generated code?
>
>
>
> Thanks,
> Zach
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: host param in axis2.xml set with AxisConfiguration
Posted by Srinath Perera <sr...@wso2.com>.
it is something like
configcontextobj.getAxisConfiguration().addParameter(name, value)
--Srinath
On Thu, Jan 13, 2011 at 10:11 PM, Bartolomeo Nicolotti
<bn...@siapcn.it> wrote:
> Hello,
>
> could you please show us an example?
>
> Many thanks
>
> Best regards
>
> Bartolomeo
>
> Il giorno gio, 13/01/2011 alle 09.37 +0530, Amila Suriarachchi ha
> scritto:
>>
>>
>> On Wed, Jan 12, 2011 at 9:54 PM, Bartolomeo Nicolotti
>> <bn...@siapcn.it> wrote:
>> Hello,
>>
>> I've set the "hostname" parameter in axis2.xml by hand:
>>
>> <parameter name="hostname"
>> locked="true">aaa.bbb.ccc.ddd</parameter>
>>
>> The problme is that we've different servers, so we've to keep
>> a
>> different axis2.xml for each one, and this is not good.
>>
>> We've already the value
>>
>> aaa.bbb.ccc.ddd
>>
>> for each server in another configuration file, is it possible
>> to set the
>> parameter
>>
>> hostname
>>
>> from java with
>>
>> ConfigurationContext
>> AxisConfiguration
>>
>>
>> yes you can. if you have access to configuration context at some of
>> your custom code.
>>
>> thanks,
>> Amila.
>>
>> Many thanks
>>
>> Best regards
>>
>> Bartolomeo
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> For additional commands, e-mail:
>> java-user-help@axis.apache.org
>>
>>
>>
>>
>> --
>> Amila Suriarachchi
>> WSO2 Inc.
>> blog: http://amilachinthaka.blogspot.com/
> --
> ____________________________________________________________
> Bartolomeo Nicolotti - Reparto Sviluppo - SIAP s.r.l.
> Via Sant'Albano, 13 - 12049 Trinità (CN) Italy
> Tel. (+39) 0172 652511 - Fax (+39) 0172 652519
> E-mail: bnicolotti@siapcn.it - URL: www.siapcn.it
> Codice Fiscale, Partita IVA, Iscr. Reg. Imprese di Cuneo: 01871320048
> Capitale Sociale: € 99.000,00 i.v. - R.E.A. CN 141311
> ____________________________________________________________
>
> Le informazioni contenute nella presente comunicazione e i relativi
> allegati possono essere riservate e sono, comunque, destinate
> esclusivamente alle persone o alla Società sopraindicati. La
> comunicazione, diffusione, distribuzione e/o copiatura del documento
> trasmesso nonché qualsiasi forma di trattamento dei dati ivi contenuti
> da parte di qualsiasi soggetto diverso dal destinatario è proibita, sia
> ai sensi dell'art. 616 c.p., che ai sensi del D. Lgs. n. 196/2003, ed in
> ogni caso espressamente inibita. Se avete ricevuto questo messaggio per
> errore, vi preghiamo di distruggerlo e di informarci immediatamente per
> telefono allo 0172/652511 o inviando un messaggio all'indirizzo:
> info@siapcn.it
> ____________________________________________________________
>
> This electronic mail transmission, including any accompanying documents
> or attachments, may contain information that is confidential,
> privileged, proprietary, or otherwise legally exempt from disclosure and
> it's intended solely for the addressee(s). Access to this Internet
> electronic mail message by anyone else is unauthorized. If you are not
> the intended recipient, any disclosure, copying, distribution or any
> action taken or omitted to be taken in reliance on it is prohibited and
> may be unlawful. If you have received this electronic mail erroneously,
> we ask you to to destroy it and let us know immediately by phone
> at 0172/652511 or by sending an e-mail at info@siapcn.it
> ____________________________________________________________
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
--
============================
Srinath Perera, Ph.D.
Senior Software Architect, WSO2 Inc.
Visiting Lecturer, University of Moratuwa
Member, Apache Software Foundation
Research Scientist, Lanka Software Foundation
Blog: http://srinathsview.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: host param in axis2.xml set with AxisConfiguration
Posted by Bartolomeo Nicolotti <bn...@siapcn.it>.
Hello,
could you please show us an example?
Many thanks
Best regards
Bartolomeo
Il giorno gio, 13/01/2011 alle 09.37 +0530, Amila Suriarachchi ha
scritto:
>
>
> On Wed, Jan 12, 2011 at 9:54 PM, Bartolomeo Nicolotti
> <bn...@siapcn.it> wrote:
> Hello,
>
> I've set the "hostname" parameter in axis2.xml by hand:
>
> <parameter name="hostname"
> locked="true">aaa.bbb.ccc.ddd</parameter>
>
> The problme is that we've different servers, so we've to keep
> a
> different axis2.xml for each one, and this is not good.
>
> We've already the value
>
> aaa.bbb.ccc.ddd
>
> for each server in another configuration file, is it possible
> to set the
> parameter
>
> hostname
>
> from java with
>
> ConfigurationContext
> AxisConfiguration
>
>
> yes you can. if you have access to configuration context at some of
> your custom code.
>
> thanks,
> Amila.
>
> Many thanks
>
> Best regards
>
> Bartolomeo
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail:
> java-user-help@axis.apache.org
>
>
>
>
> --
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
--
____________________________________________________________
Bartolomeo Nicolotti - Reparto Sviluppo - SIAP s.r.l.
Via Sant'Albano, 13 - 12049 Trinità (CN) Italy
Tel. (+39) 0172 652511 - Fax (+39) 0172 652519
E-mail: bnicolotti@siapcn.it - URL: www.siapcn.it
Codice Fiscale, Partita IVA, Iscr. Reg. Imprese di Cuneo: 01871320048
Capitale Sociale: € 99.000,00 i.v. - R.E.A. CN 141311
____________________________________________________________
Le informazioni contenute nella presente comunicazione e i relativi
allegati possono essere riservate e sono, comunque, destinate
esclusivamente alle persone o alla Società sopraindicati. La
comunicazione, diffusione, distribuzione e/o copiatura del documento
trasmesso nonché qualsiasi forma di trattamento dei dati ivi contenuti
da parte di qualsiasi soggetto diverso dal destinatario è proibita, sia
ai sensi dell'art. 616 c.p., che ai sensi del D. Lgs. n. 196/2003, ed in
ogni caso espressamente inibita. Se avete ricevuto questo messaggio per
errore, vi preghiamo di distruggerlo e di informarci immediatamente per
telefono allo 0172/652511 o inviando un messaggio all'indirizzo:
info@siapcn.it
____________________________________________________________
This electronic mail transmission, including any accompanying documents
or attachments, may contain information that is confidential,
privileged, proprietary, or otherwise legally exempt from disclosure and
it's intended solely for the addressee(s). Access to this Internet
electronic mail message by anyone else is unauthorized. If you are not
the intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it is prohibited and
may be unlawful. If you have received this electronic mail erroneously,
we ask you to to destroy it and let us know immediately by phone
at 0172/652511 or by sending an e-mail at info@siapcn.it
____________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: host param in axis2.xml set with AxisConfiguration
Posted by Amila Suriarachchi <am...@gmail.com>.
On Wed, Jan 12, 2011 at 9:54 PM, Bartolomeo Nicolotti
<bn...@siapcn.it>wrote:
> Hello,
>
> I've set the "hostname" parameter in axis2.xml by hand:
>
> <parameter name="hostname" locked="true">aaa.bbb.ccc.ddd</parameter>
>
> The problme is that we've different servers, so we've to keep a
> different axis2.xml for each one, and this is not good.
>
> We've already the value
>
> aaa.bbb.ccc.ddd
>
> for each server in another configuration file, is it possible to set the
> parameter
>
> hostname
>
> from java with
>
> ConfigurationContext
> AxisConfiguration
>
>
yes you can. if you have access to configuration context at some of your
custom code.
thanks,
Amila.
> Many thanks
>
> Best regards
>
> Bartolomeo
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
--
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/
host param in axis2.xml set with AxisConfiguration
Posted by Bartolomeo Nicolotti <bn...@siapcn.it>.
Hello,
I've set the "hostname" parameter in axis2.xml by hand:
<parameter name="hostname" locked="true">aaa.bbb.ccc.ddd</parameter>
The problme is that we've different servers, so we've to keep a
different axis2.xml for each one, and this is not good.
We've already the value
aaa.bbb.ccc.ddd
for each server in another configuration file, is it possible to set the
parameter
hostname
from java with
ConfigurationContext
AxisConfiguration
Many thanks
Best regards
Bartolomeo
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
RE: Accept Self-Signed Certificate
Posted by George Stanchev <Gs...@serena.com>.
Asen,
Sometimes application developers do not have a full control over the deployment JVM and its settings (including the trusted certificates store). In addition, his client might be deployed in an application server where you could have number of other applications running on the same JVM which he might not want to trust the remote server. Or even on application level, a certain domains can be configured to be trusted and others not. Importing self-signed (or not well known) certificate in cacerts is a limited fix that doesn't work in all use cases.
George
-----Original Message-----
From: Asen [mailto:asen.m.asenov@gmail.com]
Sent: Friday, January 14, 2011 11:31 AM
To: java-user@axis.apache.org
Subject: Re: Accept Self-Signed Certificate
Not really.
This error has nothing to do with Axis itself, but please anyone can correct me.
It is your java certs.
Write little program to ping the remote server and download its cert.
Then import it into your java cert file.
That worked for me, and it is the way I took to overcome it.
On Fri, Jan 14, 2011 at 10:03 AM, Afkham Azeez <af...@gmail.com> wrote:
> Doesn't
>
> stub._getServiceClient().getOptions().setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
> new Protocol("https",(ProtocolSocketFactory)new
> SSLProtocolSocketFactory(sslCtx),443));
>
> do that?
>
> On Fri, Jan 14, 2011 at 7:39 PM, Zach Calvert <za...@gmail.com> wrote:
>>
>> This works fine for allowing java.net SSL access, but Apache Axis
>> doesn't expose APIs to send this into its SSL checking mechanism.
>>
>>
>>
>> Zach
>>
>>
>> On Tue, Jan 11, 2011 at 10:07 PM, Afkham Azeez <af...@gmail.com> wrote:
>> > Check the class level doc comment
>> >
>> > in https://svn.apache.org/repos/asf/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/java/security/TrustAllTrustManager.java
>> > Is that what you are looking for?
>> >
>> > On Wed, Jan 12, 2011 at 2:37 AM, Zach Calvert <za...@gmail.com>
>> > wrote:
>> >>
>> >> Also, I was looking at
>> >> http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
>> >> this method doesn't seem to work either, mostly because the dots are
>> >> not connected for the part
>> >> "
>> >> In your SSLSocketFactory, override the "private static TrustManager[]
>> >> createTrustManagers(final KeyStore keystore)" method.
>> >> And create your own X509TrustManager to trust all certs.
>> >> "
>> >> since this function doesn't seem to exist in
>> >>
>> >>
>> >> http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
>> >>
>> >> Any ideas?
>> >>
>> >>
>> >> On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com>
>> >> wrote:
>> >> > I am writing internal test code chatting to an internal test server
>> >> > with a self signed certificate. The team is distributed and I am not
>> >> > an admin on our build servers so I cannot install the certificate
>> >> > into
>> >> > the certificate chain (can't do this on other developer machines
>> >> > anyway). The idea is that I need to be able to execute SOAP APIs
>> >> > built using the mvn plugin for wsdl2code and the abd bindings (not
>> >> > XMLBeans). The server will not accept clear port SOAP commands for
>> >> > authentication, but we are entirely willing to accept
>> >> > man-in-the-middle attacks as a risk since we're executing code on an
>> >> > internally managed network and this is not public facing code.
>> >> >
>> >> > I have searched the mailing lists, documentation, and various
>> >> > blogs/dev wikis and cannot find the answer. I have tried the old
>> >> > flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
>> >> > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
>> >> > this does not work with the new flavor of Axis. I have also tried
>> >> > setting the default trust site manager to accept all certificates
>> >> >
>> >> >
>> >> > (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
>> >> > but AXIS seems to use its own flavor from the Protocol classes. I
>> >> > then tried overriding the Protocol using the sample code provided at
>> >> > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this
>> >> > seems
>> >> > to work and still gets me a
>> >> > Exception in thread "main" org.apache.axis2.AxisFault:
>> >> > sun.security.validator.ValidatorException: PKIX path building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
>> >> > at
>> >> > org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
>> >> > at
>> >> > org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
>> >> > at
>> >> >
>> >> > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
>> >> > at
>> >> >
>> >> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>> >> > at
>> >> >
>> >> > org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>> >> > at
>> >> >
>> >> > vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
>> >> > at ZachTest.main(ZachTest.java:188)
>> >> > Caused by: javax.net.ssl.SSLHandshakeException:
>> >> > sun.security.validator.ValidatorException: PKIX path building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown
>> >> > Source)
>> >> > at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
>> >> > at java.io.BufferedOutputStream.flush(Unknown Source)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
>> >> > ... 18 more
>> >> > Caused by: sun.security.validator.ValidatorException: PKIX path
>> >> > building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at sun.security.validator.PKIXValidator.doBuild(Unknown
>> >> > Source)
>> >> > at sun.security.validator.PKIXValidator.engineValidate(Unknown
>> >> > Source)
>> >> > at sun.security.validator.Validator.validate(Unknown Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> >> > Source)
>> >> > ... 29 more
>> >> > Caused by:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException:
>> >> > unable to find valid certification path to requested target
>> >> > at
>> >> > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
>> >> > Source)
>> >> > at java.security.cert.CertPathBuilder.build(Unknown Source)
>> >> > ... 35 more
>> >> >
>> >> >
>> >> > Is there ANY support to override SSL validation for Apache AXIS SOAP
>> >> > calls using wsdl2java generated code?
>> >> >
>> >> >
>> >> >
>> >> > Thanks,
>> >> > Zach
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> >> For additional commands, e-mail: java-user-help@axis.apache.org
>> >>
>> >
>> >
>> >
>> > --
>> > Afkham Azeez
>> > Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
>> >
>> > Member; Apache Software Foundation; http://www.apache.org/
>> > email: azeez@wso2.com cell: +94 77 3320919
>> > blog: http://blog.afkham.org
>> > twitter: http://twitter.com/afkham_azeez
>> > linked-in: http://lk.linkedin.com/in/afkhamazeez
>> >
>> > Lean . Enterprise . Middleware
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-user-help@axis.apache.org
>>
>
>
>
> --
> Afkham Azeez
> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
>
> Member; Apache Software Foundation; http://www.apache.org/
> email: azeez@wso2.com cell: +94 77 3320919
> blog: http://blog.afkham.org
> twitter: http://twitter.com/afkham_azeez
> linked-in: http://lk.linkedin.com/in/afkhamazeez
>
> Lean . Enterprise . Middleware
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: Accept Self-Signed Certificate
Posted by Asen <as...@gmail.com>.
Not really.
This error has nothing to do with Axis itself, but please anyone can correct me.
It is your java certs.
Write little program to ping the remote server and download its cert.
Then import it into your java cert file.
That worked for me, and it is the way I took to overcome it.
On Fri, Jan 14, 2011 at 10:03 AM, Afkham Azeez <af...@gmail.com> wrote:
> Doesn't
>
> stub._getServiceClient().getOptions().setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
> new Protocol("https",(ProtocolSocketFactory)new
> SSLProtocolSocketFactory(sslCtx),443));
>
> do that?
>
> On Fri, Jan 14, 2011 at 7:39 PM, Zach Calvert <za...@gmail.com> wrote:
>>
>> This works fine for allowing java.net SSL access, but Apache Axis
>> doesn't expose APIs to send this into its SSL checking mechanism.
>>
>>
>>
>> Zach
>>
>>
>> On Tue, Jan 11, 2011 at 10:07 PM, Afkham Azeez <af...@gmail.com> wrote:
>> > Check the class level doc comment
>> >
>> > in https://svn.apache.org/repos/asf/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/java/security/TrustAllTrustManager.java
>> > Is that what you are looking for?
>> >
>> > On Wed, Jan 12, 2011 at 2:37 AM, Zach Calvert <za...@gmail.com>
>> > wrote:
>> >>
>> >> Also, I was looking at
>> >> http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
>> >> this method doesn't seem to work either, mostly because the dots are
>> >> not connected for the part
>> >> "
>> >> In your SSLSocketFactory, override the "private static TrustManager[]
>> >> createTrustManagers(final KeyStore keystore)" method.
>> >> And create your own X509TrustManager to trust all certs.
>> >> "
>> >> since this function doesn't seem to exist in
>> >>
>> >>
>> >> http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
>> >>
>> >> Any ideas?
>> >>
>> >>
>> >> On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com>
>> >> wrote:
>> >> > I am writing internal test code chatting to an internal test server
>> >> > with a self signed certificate. The team is distributed and I am not
>> >> > an admin on our build servers so I cannot install the certificate
>> >> > into
>> >> > the certificate chain (can't do this on other developer machines
>> >> > anyway). The idea is that I need to be able to execute SOAP APIs
>> >> > built using the mvn plugin for wsdl2code and the abd bindings (not
>> >> > XMLBeans). The server will not accept clear port SOAP commands for
>> >> > authentication, but we are entirely willing to accept
>> >> > man-in-the-middle attacks as a risk since we're executing code on an
>> >> > internally managed network and this is not public facing code.
>> >> >
>> >> > I have searched the mailing lists, documentation, and various
>> >> > blogs/dev wikis and cannot find the answer. I have tried the old
>> >> > flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
>> >> > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
>> >> > this does not work with the new flavor of Axis. I have also tried
>> >> > setting the default trust site manager to accept all certificates
>> >> >
>> >> >
>> >> > (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
>> >> > but AXIS seems to use its own flavor from the Protocol classes. I
>> >> > then tried overriding the Protocol using the sample code provided at
>> >> > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this
>> >> > seems
>> >> > to work and still gets me a
>> >> > Exception in thread "main" org.apache.axis2.AxisFault:
>> >> > sun.security.validator.ValidatorException: PKIX path building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>> >> > at
>> >> >
>> >> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
>> >> > at
>> >> > org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
>> >> > at
>> >> > org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
>> >> > at
>> >> >
>> >> > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
>> >> > at
>> >> >
>> >> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>> >> > at
>> >> >
>> >> > org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>> >> > at
>> >> >
>> >> > vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
>> >> > at ZachTest.main(ZachTest.java:188)
>> >> > Caused by: javax.net.ssl.SSLHandshakeException:
>> >> > sun.security.validator.ValidatorException: PKIX path building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
>> >> > Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
>> >> > Source)
>> >> > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown
>> >> > Source)
>> >> > at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
>> >> > at java.io.BufferedOutputStream.flush(Unknown Source)
>> >> > at
>> >> >
>> >> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
>> >> > ... 18 more
>> >> > Caused by: sun.security.validator.ValidatorException: PKIX path
>> >> > building failed:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> >> > find valid certification path to requested target
>> >> > at sun.security.validator.PKIXValidator.doBuild(Unknown
>> >> > Source)
>> >> > at sun.security.validator.PKIXValidator.engineValidate(Unknown
>> >> > Source)
>> >> > at sun.security.validator.Validator.validate(Unknown Source)
>> >> > at
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> >> > Source)
>> >> > at
>> >> >
>> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> >> > Source)
>> >> > ... 29 more
>> >> > Caused by:
>> >> > sun.security.provider.certpath.SunCertPathBuilderException:
>> >> > unable to find valid certification path to requested target
>> >> > at
>> >> > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
>> >> > Source)
>> >> > at java.security.cert.CertPathBuilder.build(Unknown Source)
>> >> > ... 35 more
>> >> >
>> >> >
>> >> > Is there ANY support to override SSL validation for Apache AXIS SOAP
>> >> > calls using wsdl2java generated code?
>> >> >
>> >> >
>> >> >
>> >> > Thanks,
>> >> > Zach
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> >> For additional commands, e-mail: java-user-help@axis.apache.org
>> >>
>> >
>> >
>> >
>> > --
>> > Afkham Azeez
>> > Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
>> >
>> > Member; Apache Software Foundation; http://www.apache.org/
>> > email: azeez@wso2.com cell: +94 77 3320919
>> > blog: http://blog.afkham.org
>> > twitter: http://twitter.com/afkham_azeez
>> > linked-in: http://lk.linkedin.com/in/afkhamazeez
>> >
>> > Lean . Enterprise . Middleware
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-user-help@axis.apache.org
>>
>
>
>
> --
> Afkham Azeez
> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
>
> Member; Apache Software Foundation; http://www.apache.org/
> email: azeez@wso2.com cell: +94 77 3320919
> blog: http://blog.afkham.org
> twitter: http://twitter.com/afkham_azeez
> linked-in: http://lk.linkedin.com/in/afkhamazeez
>
> Lean . Enterprise . Middleware
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: Accept Self-Signed Certificate
Posted by Afkham Azeez <af...@gmail.com>.
Doesn't
stub._getServiceClient().getOptions().setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
new Protocol("https",(ProtocolSocketFactory)new
SSLProtocolSocketFactory(sslCtx),443));
do that?
On Fri, Jan 14, 2011 at 7:39 PM, Zach Calvert <za...@gmail.com> wrote:
> This works fine for allowing java.net SSL access, but Apache Axis
> doesn't expose APIs to send this into its SSL checking mechanism.
>
>
>
> Zach
>
>
> On Tue, Jan 11, 2011 at 10:07 PM, Afkham Azeez <af...@gmail.com> wrote:
> > Check the class level doc comment
> > in
> https://svn.apache.org/repos/asf/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/java/security/TrustAllTrustManager.java
> > Is that what you are looking for?
> >
> > On Wed, Jan 12, 2011 at 2:37 AM, Zach Calvert <za...@gmail.com>
> wrote:
> >>
> >> Also, I was looking at
> >> http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
> >> this method doesn't seem to work either, mostly because the dots are
> >> not connected for the part
> >> "
> >> In your SSLSocketFactory, override the "private static TrustManager[]
> >> createTrustManagers(final KeyStore keystore)" method.
> >> And create your own X509TrustManager to trust all certs.
> >> "
> >> since this function doesn't seem to exist in
> >>
> >>
> http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
> >>
> >> Any ideas?
> >>
> >>
> >> On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com>
> >> wrote:
> >> > I am writing internal test code chatting to an internal test server
> >> > with a self signed certificate. The team is distributed and I am not
> >> > an admin on our build servers so I cannot install the certificate into
> >> > the certificate chain (can't do this on other developer machines
> >> > anyway). The idea is that I need to be able to execute SOAP APIs
> >> > built using the mvn plugin for wsdl2code and the abd bindings (not
> >> > XMLBeans). The server will not accept clear port SOAP commands for
> >> > authentication, but we are entirely willing to accept
> >> > man-in-the-middle attacks as a risk since we're executing code on an
> >> > internally managed network and this is not public facing code.
> >> >
> >> > I have searched the mailing lists, documentation, and various
> >> > blogs/dev wikis and cannot find the answer. I have tried the old
> >> > flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
> >> > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
> >> > this does not work with the new flavor of Axis. I have also tried
> >> > setting the default trust site manager to accept all certificates
> >> >
> >> > (
> http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
> >> > but AXIS seems to use its own flavor from the Protocol classes. I
> >> > then tried overriding the Protocol using the sample code provided at
> >> > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this
> seems
> >> > to work and still gets me a
> >> > Exception in thread "main" org.apache.axis2.AxisFault:
> >> > sun.security.validator.ValidatorException: PKIX path building failed:
> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> >> > find valid certification path to requested target
> >> > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
> >> > at
> >> >
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
> >> > at
> >> >
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> >> > at
> >> >
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
> >> > at
> >> >
> org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
> >> > at
> >> >
> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
> >> > at
> >> > org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> >> > at
> >> >
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
> >> > at
> >> >
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
> >> > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
> >> > at
> >> >
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
> >> > at
> >> >
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> >> > at
> >> >
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> >> > at
> >> >
> vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
> >> > at ZachTest.main(ZachTest.java:188)
> >> > Caused by: javax.net.ssl.SSLHandshakeException:
> >> > sun.security.validator.ValidatorException: PKIX path building failed:
> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> >> > find valid certification path to requested target
> >> > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
> >> > Source)
> >> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown
> >> > Source)
> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
> >> > Source)
> >> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
> >> > Source)
> >> > at
> >> >
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
> >> > Source)
> >> > at
> >> > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
> Source)
> >> > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
> >> > Source)
> >> > at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
> >> > Source)
> >> > at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
> >> > Source)
> >> > at
> >> >
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> >> > Source)
> >> > at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
> >> > Source)
> >> > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown
> >> > Source)
> >> > at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
> >> > at java.io.BufferedOutputStream.flush(Unknown Source)
> >> > at
> >> >
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
> >> > ... 18 more
> >> > Caused by: sun.security.validator.ValidatorException: PKIX path
> >> > building failed:
> >> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> >> > find valid certification path to requested target
> >> > at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
> >> > at sun.security.validator.PKIXValidator.engineValidate(Unknown
> >> > Source)
> >> > at sun.security.validator.Validator.validate(Unknown Source)
> >> > at
> >> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown
> Source)
> >> > at
> >> >
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> >> > Source)
> >> > at
> >> >
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> >> > Source)
> >> > ... 29 more
> >> > Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> >> > unable to find valid certification path to requested target
> >> > at
> >> > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
> >> > Source)
> >> > at java.security.cert.CertPathBuilder.build(Unknown Source)
> >> > ... 35 more
> >> >
> >> >
> >> > Is there ANY support to override SSL validation for Apache AXIS SOAP
> >> > calls using wsdl2java generated code?
> >> >
> >> >
> >> >
> >> > Thanks,
> >> > Zach
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> >> For additional commands, e-mail: java-user-help@axis.apache.org
> >>
> >
> >
> >
> > --
> > Afkham Azeez
> > Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
> >
> > Member; Apache Software Foundation; http://www.apache.org/
> > email: azeez@wso2.com cell: +94 77 3320919
> > blog: http://blog.afkham.org
> > twitter: http://twitter.com/afkham_azeez
> > linked-in: http://lk.linkedin.com/in/afkhamazeez
> >
> > Lean . Enterprise . Middleware
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
--
*Afkham Azeez*
Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
*
*
*Member; Apache Software Foundation;
**http://www.apache.org/*<http://www.apache.org/>
*
email: **azeez@wso2.com* <az...@wso2.com>* cell: +94 77 3320919
blog: **http://blog.afkham.org* <http://blog.afkham.org>*
twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
*
linked-in: **http://lk.linkedin.com/in/afkhamazeez*
*
*
*Lean . Enterprise . Middleware*
*
*
Re: Accept Self-Signed Certificate
Posted by Zach Calvert <za...@gmail.com>.
This works fine for allowing java.net SSL access, but Apache Axis
doesn't expose APIs to send this into its SSL checking mechanism.
Zach
On Tue, Jan 11, 2011 at 10:07 PM, Afkham Azeez <af...@gmail.com> wrote:
> Check the class level doc comment
> in https://svn.apache.org/repos/asf/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/java/security/TrustAllTrustManager.java
> Is that what you are looking for?
>
> On Wed, Jan 12, 2011 at 2:37 AM, Zach Calvert <za...@gmail.com> wrote:
>>
>> Also, I was looking at
>> http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
>> this method doesn't seem to work either, mostly because the dots are
>> not connected for the part
>> "
>> In your SSLSocketFactory, override the "private static TrustManager[]
>> createTrustManagers(final KeyStore keystore)" method.
>> And create your own X509TrustManager to trust all certs.
>> "
>> since this function doesn't seem to exist in
>>
>> http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
>>
>> Any ideas?
>>
>>
>> On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com>
>> wrote:
>> > I am writing internal test code chatting to an internal test server
>> > with a self signed certificate. The team is distributed and I am not
>> > an admin on our build servers so I cannot install the certificate into
>> > the certificate chain (can't do this on other developer machines
>> > anyway). The idea is that I need to be able to execute SOAP APIs
>> > built using the mvn plugin for wsdl2code and the abd bindings (not
>> > XMLBeans). The server will not accept clear port SOAP commands for
>> > authentication, but we are entirely willing to accept
>> > man-in-the-middle attacks as a risk since we're executing code on an
>> > internally managed network and this is not public facing code.
>> >
>> > I have searched the mailing lists, documentation, and various
>> > blogs/dev wikis and cannot find the answer. I have tried the old
>> > flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
>> > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
>> > this does not work with the new flavor of Axis. I have also tried
>> > setting the default trust site manager to accept all certificates
>> >
>> > (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
>> > but AXIS seems to use its own flavor from the Protocol classes. I
>> > then tried overriding the Protocol using the sample code provided at
>> > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
>> > to work and still gets me a
>> > Exception in thread "main" org.apache.axis2.AxisFault:
>> > sun.security.validator.ValidatorException: PKIX path building failed:
>> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> > find valid certification path to requested target
>> > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>> > at
>> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
>> > at
>> > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
>> > at
>> > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
>> > at
>> > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
>> > at
>> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>> > at
>> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>> > at
>> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>> > at
>> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
>> > at
>> > org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
>> > at
>> > org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
>> > at
>> > org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>> > at
>> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
>> > at
>> > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
>> > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
>> > at
>> > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
>> > at
>> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>> > at
>> > org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>> > at
>> > vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
>> > at ZachTest.main(ZachTest.java:188)
>> > Caused by: javax.net.ssl.SSLHandshakeException:
>> > sun.security.validator.ValidatorException: PKIX path building failed:
>> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> > find valid certification path to requested target
>> > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown
>> > Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
>> > Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
>> > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
>> > Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
>> > Source)
>> > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown
>> > Source)
>> > at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
>> > at java.io.BufferedOutputStream.flush(Unknown Source)
>> > at
>> > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
>> > ... 18 more
>> > Caused by: sun.security.validator.ValidatorException: PKIX path
>> > building failed:
>> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> > find valid certification path to requested target
>> > at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
>> > at sun.security.validator.PKIXValidator.engineValidate(Unknown
>> > Source)
>> > at sun.security.validator.Validator.validate(Unknown Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> > Source)
>> > at
>> > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
>> > Source)
>> > ... 29 more
>> > Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
>> > unable to find valid certification path to requested target
>> > at
>> > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
>> > Source)
>> > at java.security.cert.CertPathBuilder.build(Unknown Source)
>> > ... 35 more
>> >
>> >
>> > Is there ANY support to override SSL validation for Apache AXIS SOAP
>> > calls using wsdl2java generated code?
>> >
>> >
>> >
>> > Thanks,
>> > Zach
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-user-help@axis.apache.org
>>
>
>
>
> --
> Afkham Azeez
> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
>
> Member; Apache Software Foundation; http://www.apache.org/
> email: azeez@wso2.com cell: +94 77 3320919
> blog: http://blog.afkham.org
> twitter: http://twitter.com/afkham_azeez
> linked-in: http://lk.linkedin.com/in/afkhamazeez
>
> Lean . Enterprise . Middleware
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org
Re: Accept Self-Signed Certificate
Posted by Afkham Azeez <af...@gmail.com>.
Check the class level doc comment in
https://svn.apache.org/repos/asf/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/java/security/TrustAllTrustManager.java
Is that what you are looking for?
On Wed, Jan 12, 2011 at 2:37 AM, Zach Calvert <za...@gmail.com> wrote:
> Also, I was looking at
> http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
> this method doesn't seem to work either, mostly because the dots are
> not connected for the part
> "
> In your SSLSocketFactory, override the "private static TrustManager[]
> createTrustManagers(final KeyStore keystore)" method.
> And create your own X509TrustManager to trust all certs.
> "
> since this function doesn't seem to exist in
>
> http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
>
> Any ideas?
>
>
> On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com>
> wrote:
> > I am writing internal test code chatting to an internal test server
> > with a self signed certificate. The team is distributed and I am not
> > an admin on our build servers so I cannot install the certificate into
> > the certificate chain (can't do this on other developer machines
> > anyway). The idea is that I need to be able to execute SOAP APIs
> > built using the mvn plugin for wsdl2code and the abd bindings (not
> > XMLBeans). The server will not accept clear port SOAP commands for
> > authentication, but we are entirely willing to accept
> > man-in-the-middle attacks as a risk since we're executing code on an
> > internally managed network and this is not public facing code.
> >
> > I have searched the mailing lists, documentation, and various
> > blogs/dev wikis and cannot find the answer. I have tried the old
> > flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
> > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
> > this does not work with the new flavor of Axis. I have also tried
> > setting the default trust site manager to accept all certificates
> > (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL
> )
> > but AXIS seems to use its own flavor from the Protocol classes. I
> > then tried overriding the Protocol using the sample code provided at
> > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
> > to work and still gets me a
> > Exception in thread "main" org.apache.axis2.AxisFault:
> > sun.security.validator.ValidatorException: PKIX path building failed:
> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> > find valid certification path to requested target
> > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
> > at
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
> > at
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
> > at
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> > at
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> > at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> > at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> > at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> > at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
> > at
> org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
> > at
> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
> > at
> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> > at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
> > at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
> > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
> > at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
> > at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> > at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> > at
> vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
> > at ZachTest.main(ZachTest.java:188)
> > Caused by: javax.net.ssl.SSLHandshakeException:
> > sun.security.validator.ValidatorException: PKIX path building failed:
> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> > find valid certification path to requested target
> > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
> Source)
> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown
> Source)
> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> > at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
> > Source)
> > at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
> > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
> Source)
> > at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
> Source)
> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
> Source)
> > at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> > Source)
> > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
> Source)
> > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown
> Source)
> > at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
> > at java.io.BufferedOutputStream.flush(Unknown Source)
> > at
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
> > ... 18 more
> > Caused by: sun.security.validator.ValidatorException: PKIX path
> > building failed:
> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> > find valid certification path to requested target
> > at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
> > at sun.security.validator.PKIXValidator.engineValidate(Unknown
> Source)
> > at sun.security.validator.Validator.validate(Unknown Source)
> > at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
> > at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> > Source)
> > at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> > Source)
> > ... 29 more
> > Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> > unable to find valid certification path to requested target
> > at
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
> > Source)
> > at java.security.cert.CertPathBuilder.build(Unknown Source)
> > ... 35 more
> >
> >
> > Is there ANY support to override SSL validation for Apache AXIS SOAP
> > calls using wsdl2java generated code?
> >
> >
> >
> > Thanks,
> > Zach
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
>
>
--
*Afkham Azeez*
Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com,
*
*
*Member; Apache Software Foundation;
**http://www.apache.org/*<http://www.apache.org/>
*
email: **azeez@wso2.com* <az...@wso2.com>* cell: +94 77 3320919
blog: **http://blog.afkham.org* <http://blog.afkham.org>*
twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
*
linked-in: **http://lk.linkedin.com/in/afkhamazeez*
*
*
*Lean . Enterprise . Middleware*
*
*
Re: Accept Self-Signed Certificate
Posted by Zach Calvert <za...@gmail.com>.
Also, I was looking at
http://www.mail-archive.com/axis-user@ws.apache.org/msg21872.html and
this method doesn't seem to work either, mostly because the dots are
not connected for the part
"
In your SSLSocketFactory, override the "private static TrustManager[]
createTrustManagers(final KeyStore keystore)" method.
And create your own X509TrustManager to trust all certs.
"
since this function doesn't seem to exist in
http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
Any ideas?
On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <za...@gmail.com> wrote:
> I am writing internal test code chatting to an internal test server
> with a self signed certificate. The team is distributed and I am not
> an admin on our build servers so I cannot install the certificate into
> the certificate chain (can't do this on other developer machines
> anyway). The idea is that I need to be able to execute SOAP APIs
> built using the mvn plugin for wsdl2code and the abd bindings (not
> XMLBeans). The server will not accept clear port SOAP commands for
> authentication, but we are entirely willing to accept
> man-in-the-middle attacks as a risk since we're executing code on an
> internally managed network and this is not public facing code.
>
> I have searched the mailing lists, documentation, and various
> blogs/dev wikis and cannot find the answer. I have tried the old
> flavor of AxisProperties.setProperty("axis.socketSecureFactory"...
> (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course
> this does not work with the new flavor of Axis. I have also tried
> setting the default trust site manager to accept all certificates
> (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL)
> but AXIS seems to use its own flavor from the Protocol classes. I
> then tried overriding the Protocol using the sample code provided at
> http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems
> to work and still gets me a
> Exception in thread "main" org.apache.axis2.AxisFault:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
> at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
> at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
> at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550)
> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189)
> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> at vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724)
> at ZachTest.main(ZachTest.java:188)
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
> at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
> at java.io.BufferedOutputStream.flush(Unknown Source)
> at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
> ... 18 more
> Caused by: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
> at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
> at sun.security.validator.Validator.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Source)
> ... 29 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
> Source)
> at java.security.cert.CertPathBuilder.build(Unknown Source)
> ... 35 more
>
>
> Is there ANY support to override SSL validation for Apache AXIS SOAP
> calls using wsdl2java generated code?
>
>
>
> Thanks,
> Zach
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org