[jboss-user] [JBossWS] - Question on accessing keystore/truststore that is not relati

Wed, 25 Oct 2006 10:19:36 -0700 

Hi,
  I have a secured web service which is deployed to a secured port.  The 
service is implemented using EJB and JSR181 annonations on the server-side, the 
client-side is also an EJB.  Both are deployed as EAR files.  My application 
runs in the background of a web application which uses SSL/TLS.  As part of the 
the foreground web application, certificates are exchanged and are imported 
into the appropriate truststore and keystores.  My diliema is that I want to 
use the same keystore and truststore with my client and service.  I have the 
following in  my jboss-wsse-client.xml file: 
  <key-store-file>/var/cert/keystore</key-store-file>
  <key-store-password>(password)</key-store-password>
  <trust-store-file>/var/cert/truststore</trust-store-file>
  <trust-store-password>()</trust-store-password>
   
    
    
      
    
  

and the same in my jboss-wsse-server.xml file.  I am getting the following 
error when I try to access my service:
Caused by: javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target

Everything that I have read on this particular exception says that it indicates 
that the certificate has not been imported into the truststore; however, I have 
used keytool to verify that the appropriate certs are in the appropriate 
places.  I believe that I am getting this error because the location that I am 
giving for the keystore and truststore is located on the filesystem outside of 
the EJB deployment EAR file and it can not find the keystore/truststore.

Can someone validate or invalidate my conclusion?  and if my assumption is 
correct, can someone tell me if it is possible to access a keystore/truststore 
outside of the relative deployment of the EJB?

Thank you.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980776#3980776

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980776
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to