Also, I was looking at http://www.mail-archive.com/[email protected]/msg21872.html and this method doesn't seem to work either, mostly because the dots are not connected for the part " In your SSLSocketFactory, override the "private static TrustManager[] createTrustManagers(final KeyStore keystore)" method. And create your own X509TrustManager to trust all certs. " since this function doesn't seem to exist in http://download.oracle.com/javase/1.4.2/docs/api/javax/net/ssl/SSLSocketFactory.html
Any ideas? On Tue, Jan 11, 2011 at 2:18 PM, Zach Calvert <[email protected]> wrote: > I am writing internal test code chatting to an internal test server > with a self signed certificate. The team is distributed and I am not > an admin on our build servers so I cannot install the certificate into > the certificate chain (can't do this on other developer machines > anyway). The idea is that I need to be able to execute SOAP APIs > built using the mvn plugin for wsdl2code and the abd bindings (not > XMLBeans). The server will not accept clear port SOAP commands for > authentication, but we are entirely willing to accept > man-in-the-middle attacks as a risk since we're executing code on an > internally managed network and this is not public facing code. > > I have searched the mailing lists, documentation, and various > blogs/dev wikis and cannot find the answer. I have tried the old > flavor of AxisProperties.setProperty("axis.socketSecureFactory"... > (http://marc.info/?l=axis-user&m=120965970202812&w=2) but of course > this does not work with the new flavor of Axis. I have also tried > setting the default trust site manager to accept all certificates > (http://www.coderanch.com/t/207318/sockets/java/do-hold-Java-default-SSL) > but AXIS seems to use its own flavor from the Protocol classes. I > then tried overriding the Protocol using the sample code provided at > http://hc.apache.org/httpclient-3.x/sslguide.html. None of this seems > to work and still gets me a > Exception in thread "main" org.apache.axis2.AxisFault: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) > at > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98) > at > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499) > at > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) > at > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) > at > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346) > at > org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:550) > at > org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:189) > at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:389) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:222) > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435) > at > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402) > at > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) > at > org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) > at > vmware.labmanager.soap.LabManager_x0020_SOAP_x0020_interfaceStub.getConfigurationByName(LabManager_x0020_SOAP_x0020_interfaceStub.java:724) > at ZachTest.main(ZachTest.java:188) > Caused by: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown > Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown > Source) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown > Source) > at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source) > at java.io.BufferedOutputStream.flushBuffer(Unknown Source) > at java.io.BufferedOutputStream.flush(Unknown Source) > at > org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94) > ... 18 more > Caused by: sun.security.validator.ValidatorException: PKIX path > building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at sun.security.validator.PKIXValidator.doBuild(Unknown Source) > at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) > at sun.security.validator.Validator.validate(Unknown Source) > at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown > Source) > ... 29 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown > Source) > at java.security.cert.CertPathBuilder.build(Unknown Source) > ... 35 more > > > Is there ANY support to override SSL validation for Apache AXIS SOAP > calls using wsdl2java generated code? > > > > Thanks, > Zach > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
