Re: Axis2 , 2 Way SSL and Fiddler

Martin Gainty Mon, 14 Nov 2016 08:37:12 -0800

verify you have PKCS7  Cryptography libraries installed in your OS *you didnt 
mention your OS
so I am unable to guide you in the PKCS7 Cryptography libraries you may/may not 
have*



verify you have unlimited strength JCE jars installed


http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Java Cryptography Extension (JCE) Unlimited Strength 
...<http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html>
www.oracle.com
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 
for JDK/JRE 8 Download




export your certificate to pem format


openssl x509 -in <certificate_filename> -inform der -outform pem -out 
<pem-filename>

deskcheck certificate input pem and validate attributes with your Security Admin

openssl x509 -in NameOfPem.pem -text
display cert in pem format inline here or attach pem in reply


Martin
______________________________________________



________________________________
From: Sterpu Victor <vic...@caido.ro>
Sent: Sunday, November 13, 2016 7:36 PM
To: java-user
Subject: Axis2 , 2 Way SSL and Fiddler

Hello

I'm testing Axis2 with 2 way SSL for a few weeks and in my tests I always used 
Fiddler to debug.
Everything went fine but now I must move to production and I stopped fiddler 
and removed these lines:
                System.setProperty("https.proxyHost", "127.0.0.1");
                System.setProperty("https.proxyPort", "8888");

An I almost got a heat attack, I'm in a big time crisis and I can't make Axis2 
work without Fiddler, I receive the error: "org.apache.axis2.AxisFault: 
Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Error 
signing certificate verify".
And somewere at the end: "java.security.InvalidKeyException: Unsupported key 
type: SunPKCS11-SmartCard RSA private key, 2048 bits (id 65541, token object, 
sensitive, unextractable)"
At the end of the mail I pasted all the trace.

Some services are working, but the service that doesn't work sends a PKCS7 
signature to the server. I create the PKCS7 signature using the same PKCS11 
token that I use to comunicate 2 way SSL to the server.
This is reproductible behaviour, always when I activate Fiddler, Axis2 works. 
And only services where I use PKCS7 signature don't work.

Do you have any advice? I have no idea what to do.
I attached the whole stub that I generated with the command "wsdl2java.bat -uri 
tmp\StoreClinicalDocument.wsdl -p stubs.StoreClinicalDocument.client -s -sd 
-ssi -o tmp\build_StoreClinicalDocument\client" and I attached the wsdl file.

Thank you.



SEVERE: null
java.lang.reflect.InvocationTargetException
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at 
SoapUtils.Axis2ReflectionBuilder.executeMethod(Axis2ReflectionBuilder.java:295)
 at SoapUtils.Soap.executeMethod(Soap.java:225)
 at Util.DES.ExportDES.FOCG_TransmiteDES(ExportDES.java:193)
 at GenericDBCarier.CustomFunctions$44$15.call(CustomFunctions.java:5346)
 at java.util.concurrent.FutureTask.run(FutureTask.java:266)
 at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
 at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
 at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.axis2.AxisFault: Connection has been shutdown: 
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
 at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
 at 
org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:78)
 at 
org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:85)
 at 
org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
 at 
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
 at 
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
 at 
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
 at 
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
 at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
 at 
org.apache.axis2.transport.http.impl.httpclient3.HTTPSenderImpl.executeMethod(HTTPSenderImpl.java:872)
 at 
org.apache.axis2.transport.http.impl.httpclient3.HTTPSenderImpl.sendViaPost(HTTPSenderImpl.java:212)
 at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:121)
 at 
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:403)
 at 
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:234)
 at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:431)
 at 
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:399)
 at 
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
 at org.apache.axis2.client.OperationClient.execute(OperationClient.java:150)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub.storeClinicalDocumentS(StoreClinicalDocumentStub.java:377)
 ... 12 more
Caused by: com.ctc.wstx.exc.WstxIOException: Connection has been shutdown: 
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
 at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:261)
 at 
org.apache.axiom.util.stax.wrapper.XMLStreamWriterWrapper.flush(XMLStreamWriterWrapper.java:50)
 at 
org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:231)
 at 
org.apache.axiom.om.impl.MTOMXMLStreamWriter.close(MTOMXMLStreamWriter.java:223)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeAndConsume(AxiomContainerSupport.aj:324)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.serializeAndConsume(OMElementImpl.java:1)
 at 
org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:74)
 ... 29 more
Caused by: javax.net.ssl.SSLException: Connection has been shutdown: 
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
 at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1541)
 at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1553)
 at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
 at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
 at java.io.BufferedOutputStream.write(BufferedOutputStream.java:121)
 at 
org.apache.commons.httpclient.WireLogOutputStream.write(WireLogOutputStream.java:68)
 at 
org.apache.commons.httpclient.ChunkedOutputStream.flushCacheWithAppend(ChunkedOutputStream.java:121)
 at 
org.apache.commons.httpclient.ChunkedOutputStream.write(ChunkedOutputStream.java:179)
 at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:100)
 at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:225)
 at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:259)
 ... 35 more
Caused by: javax.net.ssl.SSLHandshakeException: Error signing certificate verify
 at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
 at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
 at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
 at 
sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1119)
 at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:348)
 at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
 at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
 at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
 at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
 at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
 at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
 at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
 at java.io.BufferedOutputStream.write(BufferedOutputStream.java:121)
 at 
org.apache.commons.httpclient.WireLogOutputStream.write(WireLogOutputStream.java:68)
 at 
org.apache.commons.httpclient.ChunkedOutputStream.flushCacheWithAppend(ChunkedOutputStream.java:121)
 at 
org.apache.commons.httpclient.ChunkedOutputStream.write(ChunkedOutputStream.java:179)
 at com.ctc.wstx.io.UTF8Writer.write(UTF8Writer.java:143)
 at com.ctc.wstx.sw.BufferingXmlWriter.writeRaw(BufferingXmlWriter.java:269)
 at 
com.ctc.wstx.sw.BufferingXmlWriter.writeCharacters(BufferingXmlWriter.java:568)
 at com.ctc.wstx.sw.BaseStreamWriter.writeCharacters(BaseStreamWriter.java:385)
 at 
org.apache.axiom.util.stax.wrapper.XMLStreamWriterWrapper.writeCharacters(XMLStreamWriterWrapper.java:96)
 at 
org.apache.axiom.om.impl.MTOMXMLStreamWriter.writeCharacters(MTOMXMLStreamWriter.java:330)
 at 
org.apache.axiom.util.stax.XMLStreamWriterWriter.write(XMLStreamWriterWriter.java:54)
 at 
org.apache.axiom.util.base64.Base64EncodingWriterOutputStream.flushBuffer(Base64EncodingWriterOutputStream.java:82)
 at 
org.apache.axiom.util.base64.Base64EncodingWriterOutputStream.doWrite(Base64EncodingWriterOutputStream.java:74)
 at 
org.apache.axiom.util.base64.AbstractBase64EncodingOutputStream.encode(AbstractBase64EncodingOutputStream.java:132)
 at 
org.apache.axiom.util.base64.AbstractBase64EncodingOutputStream.write(AbstractBase64EncodingOutputStream.java:77)
 at javax.activation.DataHandler.writeTo(DataHandler.java:309)
 at 
org.apache.axiom.util.stax.XMLStreamWriterUtils.writeBase64(XMLStreamWriterUtils.java:62)
 at 
org.apache.axiom.util.stax.XMLStreamWriterUtils.writeDataHandler(XMLStreamWriterUtils.java:138)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentRequest.serialize(StoreClinicalDocumentStub.java:4586)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentRequest.serialize(StoreClinicalDocumentStub.java:4535)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentS.serialize(StoreClinicalDocumentStub.java:2924)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentS.serialize(StoreClinicalDocumentStub.java:2887)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentSE.serialize(StoreClinicalDocumentStub.java:7727)
 at 
stubs.StoreClinicalDocument.client.StoreClinicalDocumentStub$StoreClinicalDocumentSE.serialize(StoreClinicalDocumentStub.java:7714)
 at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:49)
 at 
org.apache.axiom.om.impl.common.serializer.push.stax.StAXSerializer.serializePushOMDataSource(StAXSerializer.java:53)
 at 
org.apache.axiom.om.impl.common.serializer.push.Serializer.serialize(Serializer.java:293)
 at 
org.apache.axiom.om.impl.common.AxiomSourcedElementSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomSourcedElementSupport$org_apache_axiom_om_impl_intf_AxiomSourcedElement$internalSerialize(AxiomSourcedElementSupport.aj:434)
 at 
org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerialize(OMSourcedElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeChildren(AxiomContainerSupport.aj:362)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.ajc$interMethodDispatch2$org_apache_axiom_om_impl_common$serializeChildren(OMElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethodDispatch1$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeChildren(AxiomContainerSupport.aj)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$defaultInternalSerialize(AxiomElementSupport.aj:519)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.defaultInternalSerialize(OMElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethodDispatch1$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$defaultInternalSerialize(AxiomElementSupport.aj)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$internalSerialize(AxiomElementSupport.aj:513)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeChildren(AxiomContainerSupport.aj:362)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.ajc$interMethodDispatch2$org_apache_axiom_om_impl_common$serializeChildren(OMElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethodDispatch1$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeChildren(AxiomContainerSupport.aj)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$defaultInternalSerialize(AxiomElementSupport.aj:519)
 at 
org.apache.axiom.om.impl.llom.OMElementImpl.defaultInternalSerialize(OMElementImpl.java:1)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethodDispatch1$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$defaultInternalSerialize(AxiomElementSupport.aj)
 at 
org.apache.axiom.om.impl.common.AxiomElementSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomElementSupport$org_apache_axiom_om_impl_intf_AxiomElement$internalSerialize(AxiomElementSupport.aj:513)
 at 
org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:159)
 at 
org.apache.axiom.om.impl.common.AxiomContainerSupport.ajc$interMethod$org_apache_axiom_om_impl_common_AxiomContainerSupport$org_apache_axiom_om_impl_intf_AxiomContainer$serializeAndConsume(AxiomContainerSupport.aj:319)
 ... 31 more
Caused by: java.security.InvalidKeyException: Unsupported key type: 
SunPKCS11-SmartCard RSA private key, 2048 bits (id 65541, token object, 
sensitive, unextractable)
 at sun.security.mscapi.RSACipher.init(RSACipher.java:243)
 at sun.security.mscapi.RSACipher.engineInit(RSACipher.java:158)
 at javax.crypto.Cipher.init(Cipher.java:1246)
 at java.security.Signature$CipherAdapter.engineInitSign(Signature.java:1282)
 at java.security.Signature$Delegate.init(Signature.java:1155)
 at java.security.Signature$Delegate.chooseProvider(Signature.java:1112)
 at java.security.Signature$Delegate.engineInitSign(Signature.java:1185)
 at java.security.Signature.initSign(Signature.java:550)
 at sun.security.ssl.RSASignature.engineInitSign(RSASignature.java:126)
 at java.security.Signature$Delegate.engineInitSign(Signature.java:1183)
 at java.security.Signature.initSign(Signature.java:550)
 at 
sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(HandshakeMessage.java:1585)
 at 
sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1116)
 ... 85 more

Re: Axis2 , 2 Way SSL and Fiddler

Reply via email to