Hi All, I have a similar issue.I am trying to set trustStore and keyStore as JVM options on my glassfish server.But when I try to set trustStorePassword and keyStorePassword Glassfish server does not start and throws the following error. java.lang.IllegalStateException: Keystore was tampered with, or password was incorrect.I have the certs imported in jre/lib/security /folder also.
But when I try to access the same wsdl from my local machine which is a windos box it works fine.But on linux which is our development server I get the error.Let me know if you have any suggestions for this. Thanks in advance Uma Sagi Mann wrote: > > Hi all, > I am unable to get Axis2 clients to work with via HTTPS. I've read the > numerous threads here about it, and I think I have set up everything > correcly, but still - no luck. The client code works great over HTTP. I'm > using Axis2 1.4.1, NetBeans 5.5.1, SJSAS 9.1 for hosting the web service. > > The setup: > My web service is inside a .war and has its web.xml set to constraint all > clients requests to CONFIDENTIAL (it is not an Axis2-based web service). > It does NOT enforce client authentication, i.e. no CLIENT-AUTH. In fact, > the login section is omitted entirely. I don't want to test login at this > point. > > I then access the remote wsdl using IE: > https://hostname:8181/myapp/HelloService?wsdl to verify it is accessible > (IE prompts me for a security confirmation). > I then generate the client-side proxy using wsdl2java (ADB), using the WDL > URI above. I also set the following system properties prior to running > wsdl2java, or else wsdl2java fails due to an untrusted certificate: > javax.net.ssl.trustStore=v:/tmp/clienttrust.jks > javax.net.ssl.trustStorePassword=changeit > > Finally, in my standalone client code, I do the following: > System.setProperty("javax.net.ssl.trustStore", > "v:/tmp/clienttrust.jks"); > System.setProperty("javax.net.ssl.trustStorePassword", > "changeit"); > HelloServiceStub stub = > new HelloServiceStub( > "https://hostname:8181/myapp/HelloService?wsdl";); > doTest(); // this involes a simple web service method > > However, I get an exception (see below) which usually appears only if a > trustStore and its pwd are not specified. In fact, if I omit the > System.setProperty calls above, I get the same exact exception (verified > with diff tool). > > Does anyone have an idea how to resolve this? > thanks. > > > org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: > PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) > at > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98) > at > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499) > at > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) > at > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) > at > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346) > at > org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:542) > at > org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189) > at > org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:371) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:209) > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:448) > at > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:401) > at > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228) > at > org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) > at > samples.quickstart.service.adb.HelloServiceStub.test(HelloServiceStub.java:183) > at samples.quickstart.clients.ADBClient.test(ADBClient.java:83) > at samples.quickstart.clients.ADBClient.main(ADBClient.java:68) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > org.apache.tools.ant.taskdefs.ExecuteJava.run(ExecuteJava.java:202) > at > org.apache.tools.ant.taskdefs.ExecuteJava.execute(ExecuteJava.java:134) > at org.apache.tools.ant.taskdefs.Java.run(Java.java:710) > at org.apache.tools.ant.taskdefs.Java.executeJava(Java.java:178) > at org.apache.tools.ant.taskdefs.Java.execute(Java.java:84) > at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275) > at org.apache.tools.ant.Task.perform(Task.java:364) > at org.apache.tools.ant.Target.execute(Target.java:341) > at org.apache.tools.ant.Target.performTasks(Target.java:369) > at > org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216) > at org.apache.tools.ant.Project.executeTarget(Project.java:1185) > at > org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:40) > at org.apache.tools.ant.Project.executeTargets(Project.java:1068) > at > org.apache.tools.ant.module.bridge.impl.BridgeImpl.run(BridgeImpl.java:240) > at > org.apache.tools.ant.module.run.TargetExecutor.run(TargetExecutor.java:293) > at > org.netbeans.core.execution.RunClassThread.run(RunClassThread.java:131) > Caused by: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623) > at > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) > at > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) > at > java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) > at > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94) > ... 39 more > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) > at sun.security.validator.Validator.validate(Validator.java:218) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954) > ... 49 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) > at > java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280) > ... 55 more > > -- View this message in context: http://old.nabble.com/SSL%3A-ValidatorException%3A-PKIX-path-building-failed-tp19569509p30366682.html Sent from the Axis - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional commands, e-mail: java-user-h...@axis.apache.org
