Hi Mark,
the error occures because you didnt install the certificate requiered in your keystore.
You have to set the trustet Certificat in your Keystore and load this keystore by
using this method in your client:
(maybe here in your code is missing sth)
private static void setHttps()
{
// specify the location of where to find key material for the default
TrustManager (this overrides jssecacerts and cacerts)
System.setProperty( "javax.net.ssl.trustStore", "c:/client.keystore" );
// use Sun's reference implementation of a URL handler for the "https" URL
protocol type.
System.setProperty( "java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol" );
// dynamically register sun's ssl provider
Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );
}
You can install the Certificate like the following:
1. Save your cer in a file by using the InternetExplorer. Call your webservice with
the IE
and save the cer in a file.
2. Import this cer in a keystore-file by using the keytool.
3. place this file somewhere reachable from the application.
here you will find some help using the keytool:
http://www.informit.com/articles/article.asp?p=24604&redir=1
Greets Benjamin
-----Urspr�ngliche Nachricht-----
Von: Mark Melia [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 6. Mai 2004 00:00
An: Axis User Group
Betreff: SSL - java.security.cert.CertificateException: Couldn't find
trusted certificate
Hi all
**I need help**
I am a bit of a newbie to web services, so go easy on me. I am creating a
web services that uses SOAP messaging. I will be transferring confidential
info, and the employment of SSL technology is a requirement. I am having
awful trouble getting SSL to work. Every time I try to run the code I get
the following exception in the client...
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Couldn't find trusted c
ertificate
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExce
ption: Couldn't find trusted certificate
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at
org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.ja
va:224)
at
org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at
org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:
71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:1753)
at test.SubmitPOService.execute(SubmitPOService.java:64)
at test.SubmitPOService.main(SubmitPOService.java:79)
Caused by: java.security.cert.CertificateException: Couldn't find trusted
certificate
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6
275)
at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6
275)
... 18 more
I think that my client does not have a list of trusted certificates but I do
set this in the client using
System.setProperty("javax.net.ssl.trustStore", "clientCacerts");
System.setProperty("javax.net.ssl.trustStorePassword",
"******");
It should find clientCacerts because it is in the same directory as where I
call the client from and this clientCacerts definely has the server
certificate, I know this because the server cert that is printed out by the
server on startup is the same cert as in clientCvacerts. One point is that
if I change the password to be wrong I get the same error, even if I change
to the wrong file name for the cert store, which would lead me to believe it
is looking at some other cert store, does anyone have any idea what is going
on??? Could someone send me a client with SSL working(partiualry if using
the org.apache.axis.client.Call class). Does anyone have any good tutorials.
I really need help, anything you say will be of benefit!
Thanks in advance!
Mark
Thanks,
Mark
Thanks,
Mark
[EMAIL PROTECTED]
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.620 / Virus Database: 399 - Release Date: 11/03/2004
