Which servicemix version do you use? You should enable the java property for ssl so that you can see which truststore and keystore is used.
jlbarrera wrote: > Well i put the keystore and the truststore in the conf directory, and in the > xbean.xml: > > <http:ssl> > <http:sslParameters keyStore="file:conf/jlbarrera" > keyStorePassword="leidas" > trustStore="file:conf/arrobafirma" > trustStorePassword="leidas"/> > </http:ssl> > > But i received the next error: What happened? > > INFO - ServiceUnitLifeCycle - Starting service unit: SU > WARN - HttpComponent - Could not load description from > resource > WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document at > 'https://172.19.1.75/axis/services/VerificarFirmas?wsdl'.: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target: > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:847) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170) > > at > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913) > at java.net.URLConnection.getContent(URLConnection.java:682) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:406) > at java.net.URL.getContent(URL.java:1021) > at com.ibm.wsdl.util.StringUtils.getContentAsInputStream(Unknown > Source) > at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) > at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) > at > org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229) > at > org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339) > at > org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55) > at > org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151) > at > org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103) > at > org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130) > at > org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555) > at java.util.TimerThread.mainLoop(Timer.java:512) > at java.util.TimerThread.run(Timer.java:462) > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) > at sun.security.validator.Validator.validate(Validator.java:203) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) > at > com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:840) > ... 28 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236) > at > java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194) > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216) > ... 33 more > > at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) > at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) > at > org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229) > at > org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339) > at > org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55) > at > org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151) > at > org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103) > at > org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130) > at > org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60) > at > org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555) > at java.util.TimerThread.mainLoop(Timer.java:512) > at java.util.TimerThread.run(Timer.java:462) > INFO - jetty - jetty-6.0.1 > INFO - jetty - Started SelectChannelConnector @ > 0.0.0.0:8989 > INFO - AutoDeploymentService - Directory: deploy: Finished > installation of archive: SA.zip > > > > > > tterm wrote: >> jlbarrera wrote: >>> I try to create a BC with the role "provider" that connect with a Web >>> Services by SSL and auth basic. But in the documentation said that the >>> basic >>> auth only has enabled for role "consumer" .. it's right? >> I never tested basic auth. I used just ssl for authentication with >> certificates. >> >>> But the keystore and truststore not found, i think that the path can be >>> mistaken. >> The truststore and keystore will be found. You might try to put both >> into the conf directory of servicemix and specify in the config file >> file:con/your.truststore.jks or something. That works. >> >> This is also a big help sometimes: >> -Djavax.net.debug=ssl >> >> Cheers, >> Thomas >> >>> regards >>> >>> >>> >>> tterm wrote: >>>> set it with "file:" (keystore , truststore) >>>> >>>> You should provide more information on what you are want to do. >>>> >>>> jlbarrera wrote: >>>>> Hello >>>>> >>>>> I'm using servicemix-http with SSL. >>>>> >>>>> I have generated the keyStore: >>>>> keytool -genkey -keypass password -keystore keystoredemo -storepass >>>>> password >>>>> And i generated the trustStore: >>>>> keytool -import -trustcacerts -keystore keystoretrust -file >>>>> somename.cer >>>>> -v >>>>> >>>>> In the xbean.xml configuration file: >>>>> >>>>> <http:ssl> >>>>> <http:sslParameters >>>>> keyStore="/home/jlbarrera/keystoredemo" >>>>> keyStorePassword="password" >>>>> >>>>> trustStore="/home/jlbarrera/keystoretrust" >>>>> trustStorePassword="password"/> >>>>> </http:ssl> >>>>> >>>>> But i get the next error: >>>>> >>>>> "No trusted certificate found" >>>>> >>>>> Somebody know the problem? The route of files it's mistaken? I try with >>>>> file:///route... too. I'm using Linux filesystem.. >>>>> >>>>> Thanks! >>>> >>>> >> >> -- >> Thomas Termin >> _______________________________ >> blue elephant systems GmbH >> Wollgrasweg 49 >> D-70599 Stuttgart >> >> Tel : (+49) 0711 - 45 10 17 676 >> Fax : (+49) 0711 - 45 10 17 573 >> WWW : http://www.blue-elephant-systems.com >> Email : [EMAIL PROTECTED] >> >> blue elephant systems GmbH >> Firmensitz : Wollgrasweg 49, D-70599 Stuttgart >> Registergericht : Amtsgericht Stuttgart, HRB 24106 >> Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle >> >> Thanks! >> > -- Thomas Termin _______________________________ blue elephant systems GmbH Wollgrasweg 49 D-70599 Stuttgart Tel : (+49) 0711 - 45 10 17 676 Fax : (+49) 0711 - 45 10 17 573 WWW : http://www.blue-elephant-systems.com Email : [EMAIL PROTECTED] blue elephant systems GmbH Firmensitz : Wollgrasweg 49, D-70599 Stuttgart Registergericht : Amtsgericht Stuttgart, HRB 24106 Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle
