I'M still don't know what exactly you are doing. Is the webservice on a remote host and servicemix local or whatever. I don't know.
You should generate your key as you already did, export the certificate and import it in the truststore. This is the way for a self signed certificate. In your client application you also have to import your certificate so that the client trusts your server (web service whatever else). If your client is a commandline java application you have to set the keystore and truststore otherwise the truststore from the jdk will be used. Is the webservice deployed in servicemix? jlbarrera wrote: > I'm using ServiceMix 3.1, > What could be the problem? The keystore and truststore generated? > I have make this: > > keytool -genkey -keypass password -keystore keystoredemo -storepass password > keytool -import -trustcacerts -keystore keystoretrust -file somename.cer -v > > And i following the next guide for solved this problem: > http://blogs.sun.com/andreas/entry/no_more_unable_to_find, but i get the > same error. > > Thanks! > > > tterm wrote: >> Which servicemix version do you use? >> >> You should enable the java property for ssl so that you can see which >> truststore and keystore is used. >> >> jlbarrera wrote: >>> Well i put the keystore and the truststore in the conf directory, and in >>> the >>> xbean.xml: >>> >>> <http:ssl> >>> <http:sslParameters keyStore="file:conf/jlbarrera" >>> keyStorePassword="leidas" >>> >>> trustStore="file:conf/arrobafirma" >>> trustStorePassword="leidas"/> >>> </http:ssl> >>> >>> But i received the next error: What happened? >>> >>> INFO - ServiceUnitLifeCycle - Starting service unit: SU >>> WARN - HttpComponent - Could not load description from >>> resource >>> WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document >>> at >>> 'https://172.19.1.75/axis/services/VerificarFirmas?wsdl'.: >>> sun.security.validator.ValidatorException: PKIX path building failed: >>> sun.security.provider.certpath.SunCertPathBuilderException: unable to >>> find >>> valid certification path to requested target: >>> javax.net.ssl.SSLHandshakeException: >>> sun.security.validator.ValidatorException: PKIX path building failed: >>> sun.security.provider.certpath.SunCertPathBuilderException: unable to >>> find >>> valid certification path to requested target >>> at >>> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) >>> at >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476) >>> at >>> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) >>> at >>> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) >>> at >>> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:847) >>> at >>> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) >>> at >>> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) >>> at >>> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) >>> at >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815) >>> at >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) >>> at >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038) >>> at >>> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) >>> at >>> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170) >>> >>> at >>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913) >>> at java.net.URLConnection.getContent(URLConnection.java:682) >>> at >>> sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:406) >>> at java.net.URL.getContent(URL.java:1021) >>> at com.ibm.wsdl.util.StringUtils.getContentAsInputStream(Unknown >>> Source) >>> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) >>> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) >>> at >>> org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229) >>> at >>> org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339) >>> at >>> org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55) >>> at >>> org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151) >>> at >>> org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103) >>> at >>> org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130) >>> at >>> org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555) >>> at java.util.TimerThread.mainLoop(Timer.java:512) >>> at java.util.TimerThread.run(Timer.java:462) >>> Caused by: sun.security.validator.ValidatorException: PKIX path building >>> failed: sun.security.provider.certpath.SunCertPathBuilderException: >>> unable >>> to find valid certification path to requested target >>> at >>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221) >>> at >>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) >>> at sun.security.validator.Validator.validate(Validator.java:203) >>> at >>> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) >>> at >>> com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) >>> at >>> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:840) >>> ... 28 more >>> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >>> unable to find valid certification path to requested target >>> at >>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236) >>> at >>> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194) >>> at >>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216) >>> ... 33 more >>> >>> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) >>> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) >>> at >>> org.apache.servicemix.soap.SoapEndpoint.loadWsdl(SoapEndpoint.java:229) >>> at >>> org.apache.servicemix.soap.SoapEndpoint.activate(SoapEndpoint.java:339) >>> at >>> org.apache.servicemix.common.ServiceUnit.start(ServiceUnit.java:55) >>> at >>> org.apache.servicemix.common.BaseServiceUnitManager.start(BaseServiceUnitManager.java:151) >>> at >>> org.apache.servicemix.jbi.framework.ServiceUnitLifeCycle.start(ServiceUnitLifeCycle.java:103) >>> at >>> org.apache.servicemix.jbi.framework.ServiceAssemblyLifeCycle.start(ServiceAssemblyLifeCycle.java:130) >>> at >>> org.apache.servicemix.jbi.framework.DeploymentService.start(DeploymentService.java:374) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.updateArchive(AutoDeploymentService.java:296) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.monitorDirectory(AutoDeploymentService.java:588) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService.access$200(AutoDeploymentService.java:60) >>> at >>> org.apache.servicemix.jbi.framework.AutoDeploymentService$1.run(AutoDeploymentService.java:555) >>> at java.util.TimerThread.mainLoop(Timer.java:512) >>> at java.util.TimerThread.run(Timer.java:462) >>> INFO - jetty - jetty-6.0.1 >>> INFO - jetty - Started SelectChannelConnector @ >>> 0.0.0.0:8989 >>> INFO - AutoDeploymentService - Directory: deploy: Finished >>> installation of archive: SA.zip >>> >>> >>> >>> >>> >>> tterm wrote: >>>> jlbarrera wrote: >>>>> I try to create a BC with the role "provider" that connect with a Web >>>>> Services by SSL and auth basic. But in the documentation said that the >>>>> basic >>>>> auth only has enabled for role "consumer" .. it's right? >>>> I never tested basic auth. I used just ssl for authentication with >>>> certificates. >>>> >>>>> But the keystore and truststore not found, i think that the path can be >>>>> mistaken. >>>> The truststore and keystore will be found. You might try to put both >>>> into the conf directory of servicemix and specify in the config file >>>> file:con/your.truststore.jks or something. That works. >>>> >>>> This is also a big help sometimes: >>>> -Djavax.net.debug=ssl >>>> >>>> Cheers, >>>> Thomas >>>> >>>>> regards >>>>> >>>>> >>>>> >>>>> tterm wrote: >>>>>> set it with "file:" (keystore , truststore) >>>>>> >>>>>> You should provide more information on what you are want to do. >>>>>> >>>>>> jlbarrera wrote: >>>>>>> Hello >>>>>>> >>>>>>> I'm using servicemix-http with SSL. >>>>>>> >>>>>>> I have generated the keyStore: >>>>>>> keytool -genkey -keypass password -keystore keystoredemo >>>>>>> -storepass >>>>>>> password >>>>>>> And i generated the trustStore: >>>>>>> keytool -import -trustcacerts -keystore keystoretrust -file >>>>>>> somename.cer >>>>>>> -v >>>>>>> >>>>>>> In the xbean.xml configuration file: >>>>>>> >>>>>>> <http:ssl> >>>>>>> <http:sslParameters >>>>>>> keyStore="/home/jlbarrera/keystoredemo" >>>>>>> keyStorePassword="password" >>>>>>> >>>>>>> trustStore="/home/jlbarrera/keystoretrust" >>>>>>> >>>>>>> trustStorePassword="password"/> >>>>>>> </http:ssl> >>>>>>> >>>>>>> But i get the next error: >>>>>>> >>>>>>> "No trusted certificate found" >>>>>>> >>>>>>> Somebody know the problem? The route of files it's mistaken? I try >>>>>>> with >>>>>>> file:///route... too. I'm using Linux filesystem.. >>>>>>> >>>>>>> Thanks! >>>>>> >>>> -- >>>> Thomas Termin >>>> _______________________________ >>>> blue elephant systems GmbH >>>> Wollgrasweg 49 >>>> D-70599 Stuttgart >>>> >>>> Tel : (+49) 0711 - 45 10 17 676 >>>> Fax : (+49) 0711 - 45 10 17 573 >>>> WWW : http://www.blue-elephant-systems.com >>>> Email : [EMAIL PROTECTED] >>>> >>>> blue elephant systems GmbH >>>> Firmensitz : Wollgrasweg 49, D-70599 Stuttgart >>>> Registergericht : Amtsgericht Stuttgart, HRB 24106 >>>> Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle >>>> >>>> Thanks! >>>> >> >> -- >> Thomas Termin >> _______________________________ >> blue elephant systems GmbH >> Wollgrasweg 49 >> D-70599 Stuttgart >> >> Tel : (+49) 0711 - 45 10 17 676 >> Fax : (+49) 0711 - 45 10 17 573 >> WWW : http://www.blue-elephant-systems.com >> Email : [EMAIL PROTECTED] >> >> blue elephant systems GmbH >> Firmensitz : Wollgrasweg 49, D-70599 Stuttgart >> Registergericht : Amtsgericht Stuttgart, HRB 24106 >> Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle >> >> >> > -- Thomas Termin _______________________________ blue elephant systems GmbH Wollgrasweg 49 D-70599 Stuttgart Tel : (+49) 0711 - 45 10 17 676 Fax : (+49) 0711 - 45 10 17 573 WWW : http://www.blue-elephant-systems.com Email : [EMAIL PROTECTED] blue elephant systems GmbH Firmensitz : Wollgrasweg 49, D-70599 Stuttgart Registergericht : Amtsgericht Stuttgart, HRB 24106 Geschäftsführer : Holger Dietrich, Thomas Gentsch, Joachim Hoernle
