camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From contactreji <contactr...@gmail.com>
Subject Re: Using SSL Certificates and connecting to https:// port -Truststore files provided
Date Sat, 24 Aug 2013 07:16:20 GMT
Hi William

I am getting a HANDSHAKE exception in the case now. I gave the proper path
to the jks file still its showing the following exception.
"unable to find valid certification path to requested target"

Please find my error log 


Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException
invoking
https://ascsq14:8105/XISOAPAdapter/MessageServlet?senderParty=&senderService=BS_Q_MES_Miheevsky&receiverParty=&receiverService=&interface=SI_ID56_CopperRecovery_async_out&interfaceNamespace=urn:outotec:pi:mes:id56:CopperRecovery:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)[:1.6.0_45]
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown
Source)[:1.6.0_45]
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown
Source)[:1.6.0_45]
	at java.lang.reflect.Constructor.newInstance(Unknown Source)[:1.6.0_45]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1467)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1452)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)[169:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
	at
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:660)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)[169:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
	... 65 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
Source)[:1.6]
	at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)[:1.6]
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)[:1.6]
	at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
Source)[:1.6]
	at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)[:1.6]
	at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
Source)[:1.6.0_45]
	at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
Source)[:1.6]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1410)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1351)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)[169:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
	at
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)[169:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1424)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
	... 68 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(Unknown Source)[:1.6.0_45]
	at sun.security.validator.PKIXValidator.engineValidate(Unknown
Source)[:1.6.0_45]
	at sun.security.validator.Validator.validate(Unknown Source)[:1.6.0_45]
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown
Source)[:1.6]
	at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)[:1.6]
	at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)[:1.6]
	... 85 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
Source)[:1.6.0_45]
	at java.security.cert.CertPathBuilder.build(Unknown Source)[:1.6.0_45]



Can I do the same using JETTY?
I have configured the jetty as follows


	<bean id="jetty"
class="org.apache.camel.component.jetty.JettyHttpComponent">
		<property name="sslSocketConnectorProperties">
			<map>
				<entry key="password" value="keystorepassword" />
				<entry key="keyPassword" value="keystorepassword" />
				<entry key="keystore" value="src/main/resources/certs/keystore.jks" />
				<entry key="truststore" value="src/main/resources/certs/truststore.jks"
/>
				<entry key="trustPassword" value="truststorepassword" />
				<entry key="needClientAuth" value="true" />
			</map>
		</property>
	</bean>

and configured jax:ws client as 

<jaxws:client id="PIServiceProxy"

	
address="jetty:https://server1:8105/XISOAPAdapter/MessageServlet?senderParty=&amp;senderService=BS_Q_MES_Miheevsky&amp;receiverParty=&amp;receiverService=&amp;interface=SI_ID56_CopperRecovery_async_out&amp;interfaceNamespace=urn:server:pi:mes:id56:CopperRecovery"

serviceClass="outotec.pi.mes.id56.copperrecovery.SIID56CopperRecoveryAsyncOut"

username="userid" password="pwd" />


Please let me know in case anything is wrong in the above configuration
settings.

Reji



--
View this message in context: http://camel.465427.n5.nabble.com/Using-SSL-Certificates-and-connecting-to-https-port-Truststore-files-provided-tp5737735p5737849.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Mime
View raw message