Re: WebServices and SSL

jlbarrera Wed, 07 Mar 2007 03:17:30 -0800

Well i put the keystore and the truststore in the conf directory, and in the
xbean.xml:


<http:ssl>
                    <http:sslParameters keyStore="file:conf/jlbarrera"
                                        keyStorePassword="leidas"
                                        trustStore="file:conf/arrobafirma"
                                        trustStorePassword="leidas"/>
                    </http:ssl>

But i received the next error: What happened? 

INFO  - ServiceUnitLifeCycle           - Starting service unit: SU
WARN  - HttpComponent                  - Could not load description from
resource
WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document at
'https://172.19.1.75/axis/services/VerificarFirmas?wsdl'.:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
        at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:847)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
        at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
        at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)
        at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
       
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
        at java.net.URLConnection.getContent(URLConnection.java:682)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:406)
        at java.net.URL.getContent(URL.java:1021)
        at com.ibm.wsdl.util.StringUtils.getContentAsInputStream(Unknown
Source)
        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
        at
org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229)
        at
org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339)
        at
org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55)
        at
org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151)
        at
org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103)
        at
org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130)
        at
org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555)
        at java.util.TimerThread.mainLoop(Timer.java:512)
        at java.util.TimerThread.run(Timer.java:462)
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
        at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
        at sun.security.validator.Validator.validate(Validator.java:203)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
        at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:840)
        ... 28 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
        at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
        at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
        ... 33 more

        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
        at
org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229)
        at
org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339)
        at
org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55)
        at
org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151)
        at
org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103)
        at
org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130)
        at
org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60)
        at
org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555)
        at java.util.TimerThread.mainLoop(Timer.java:512)
        at java.util.TimerThread.run(Timer.java:462)
INFO  - jetty                          - jetty-6.0.1
INFO  - jetty                          - Started SelectChannelConnector @
0.0.0.0:8989
INFO  - AutoDeploymentService          - Directory: deploy: Finished
installation of archive:  SA.zip





tterm wrote:
> 
> jlbarrera wrote:
>> I try to create a BC with the role "provider" that connect with a Web
>> Services by SSL and auth basic. But in the documentation said that the
>> basic
>> auth only has enabled for role "consumer" .. it's right?
> I never tested basic auth. I used just ssl for authentication with
> certificates.
> 
>> 
>> But the keystore and truststore not found, i think that the path can be
>> mistaken.
> The truststore and keystore will be found. You might try to put both
> into the conf directory of servicemix and specify in the config file
> file:con/your.truststore.jks or something. That works.
> 
> This is also a big help sometimes:
> -Djavax.net.debug=ssl
> 
> Cheers,
> Thomas
> 
>> 
>> regards
>> 
>> 
>> 
>> tterm wrote:
>>> set it with "file:" (keystore , truststore)
>>>
>>> You should provide more information on what you are want to do.
>>>
>>> jlbarrera wrote:
>>>> Hello
>>>>
>>>> I'm using servicemix-http with SSL. 
>>>>
>>>> I have generated the keyStore:
>>>>     keytool -genkey -keypass password -keystore keystoredemo -storepass
>>>> password
>>>> And i generated the trustStore:
>>>>     keytool -import -trustcacerts -keystore keystoretrust -file
>>>> somename.cer
>>>> -v
>>>>
>>>> In the xbean.xml configuration file:
>>>>
>>>> <http:ssl>
>>>>                     <http:sslParameters
>>>> keyStore="/home/jlbarrera/keystoredemo"
>>>>                                         keyStorePassword="password"
>>>>                                        
>>>> trustStore="/home/jlbarrera/keystoretrust"
>>>>                                         trustStorePassword="password"/>
>>>>                     </http:ssl>
>>>>  
>>>> But i get the next error:
>>>>
>>>>    "No trusted certificate found"
>>>>
>>>> Somebody know the problem? The route of files it's mistaken? I try with
>>>> file:///route... too. I'm using Linux filesystem..
>>>>
>>>> Thanks!
>>>
>>>
>>>
>> 
> 
> 
> -- 
> Thomas Termin
> _______________________________
> blue elephant systems GmbH
> Wollgrasweg 49
> D-70599 Stuttgart
> 
> Tel    :  (+49) 0711 - 45 10 17 676
> Fax    :  (+49) 0711 - 45 10 17 573
> WWW    :  http://www.blue-elephant-systems.com
> Email  :  [EMAIL PROTECTED]
> 
> blue elephant systems GmbH
> Firmensitz      : Wollgrasweg 49, D-70599 Stuttgart
> Registergericht : Amtsgericht Stuttgart, HRB 24106
> Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle
> 
> Thanks! 
> 

-- 
View this message in context: 
http://www.nabble.com/WebServices-and-SSL-tf3333637s12049.html#a9350974
Sent from the ServiceMix - User mailing list archive at Nabble.com.

Re: WebServices and SSL

Reply via email to