[jira] [Created] (AXIS2-5432) add command-line option to wsdl2java.sh to connect to arbitrary https sites (dummy trust stores)

Tue, 02 Oct 2012 08:25:08 -0700 

Ralf Hauser created AXIS2-5432:
----------------------------------

             Summary: add command-line option to wsdl2java.sh to connect to 
arbitrary https sites (dummy trust stores)
                 Key: AXIS2-5432
                 URL: https://issues.apache.org/jira/browse/AXIS2-5432
             Project: Axis2
          Issue Type: Improvement
          Components: wsdl
    Affects Versions: 1.6.2
         Environment: debian stable, java 6
            Reporter: Ralf Hauser


axis2-1.6.2/bin/wsdl2java.sh -uri 
https://services.sealsignportal.com:18443/sealsign/ws/BrokerClient?wsdl -p 
org.apache.axis2.axis2userguide -d adb -s

not surprisingly results in 

Caused by: javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
        at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
        at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
        at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
        at 
java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
        at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
        at 
org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerationEngine.java:99)
        ... 2 more


along the ideas in 
http://mail-archives.apache.org/mod_mbox/axis-java-user/200811.mbox/%[email protected]%3E
 , I amended
axis2-1.6.2/bin/axis2.sh with 
"$JAVA_HOME"/bin/java -classpath "$AXIS2_CLASSPATH" \
-Daxis2.xml="$AXIS2_HOME/conf/axis2.xml" -Daxis2.repo="$AXIS2_HOME/repository" 
-Djavax.net.ssl.trustStore="~/sealSigPortal.jks"  $USER_COMMANDS

Unfortunately, this resulted in 
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected 
error: java.security.InvalidAlgorithmParameterException: the trustAnchors 
parameter must be non-empty
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1612)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1595)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1172)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
        at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
        at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
        at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
        at 
java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
        at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
        at 
org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerationEngine.java:99)
        ... 2 more

so, in most cases, insteead of assembling your own ~/sealSigPortal.jks , a 
dummy trust store would even be more effective



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to