Re: [gt-user] Problem in accessing globus secure service through Java Client

Fri, 24 Aug 2007 04:24:53 -0700 

Hi,
I think the SSLHandshakeException is related to the client-side not having access to a Cert Authority .der format certificate in the local keystore so that client and server can talk securely. 

e.g. in $JAVA_HOME/jre/lib/security/cacerts

If that is the problem you'll need to use:

$JAVA_HOME/bin/keytool -importcert -file ... -keystore ...

gef

Natarajan, Senthil wrote:

Hi,
I am trying to access one of the grid service deployed on globus 4.0.2 through 
Java client. In my case it is OGSA-DAI service.

If I access it as a secure service i.e
    https://machine.name:8443/wsrf/services/ogsadai/DataService
I am having certificate problem, here is the error I am getting.

Accessing it as a regular service i.e.
        http://machine.name:8080/wsrf/services/ogsadai/DataService
is working fine.

Basically globus is not finding the certificate to access the service securely.

Could you please let me know how to resolve this.

Thanks,
Senthil

Exception in thread "main" 
uk.org.ogsadai.client.toolkit.exception.ServiceCommsException: A problem arose during 
communication with service 
https://cybersphere5.cs.pitt.edu:8443/wsrf/services/ogsadai/DataService?WSDL.
        at 
uk.org.ogsadai.client.toolkit.GenericServiceFetcher.findDataService(GenericServiceFetcher.java:212)
        at 
uk.org.ogsadai.client.toolkit.GenericServiceFetcher.getDataService(GenericServiceFetcher.java:71)
        at SimpleSQLQueryExample.main(SimpleSQLQueryExample.java:36)
Caused by: javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:847)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)
        at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
        at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
        at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
        at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
        at java.net.URL.openStream(URL.java:1007)
        at 
uk.org.ogsadai.client.toolkit.GenericServiceFetcher.getWSDL(GenericServiceFetcher.java:303)
        at 
uk.org.ogsadai.client.toolkit.GenericServiceFetcher.findDataService(GenericServiceFetcher.java:208)
        ... 2 more
Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to 
find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
        at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
        at sun.security.validator.Validator.validate(Validator.java:203)
        at 
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
        at 
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:840)
        ... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
        at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)


























					Reply via email to