Yogesh,

I have a similar problem and have seen your solution too. The problem I have is 
the Protocol.registerProtocol part: I don't want to associate every https 
request to use my protocolSocketFactory, as the factory that I have (it's not 
using the Not Yet Commons libraries) uses an SSLContext that I supply and 
creates sockets based on that. Each SSLContext contains keystore and password 
information which contains information specific to the target server. 

I understand that the other alternative is to create a custom protocol with 
host port combination and register that, but the problem with that is that all 
my requests now have to contain the custom protocol scheme, which is something I 
don't want.

What I'd like to ideally do is something that's suggested here:
http://jakarta.apache.org/commons/httpclient/sslguide.html

For this to happen though, I'd have to create my own HTTP client and supply 
that to the XFire proxy client. The problem there is that I'd be replicating 
the code present in the createClient method of the CommonsHttpMessageSender 
(basically setting up the client with a multithreaded connection manager and 
a bunch of other good stuff that the commons class already does). 

Ankur

Yogesh Chawla - PD <[EMAIL PROTECTED]> wrote:

Hey,
I set up an SSL client that used X.509 certs with XFire
using the Not Yet Commons SSL project.  Details are
here:

http://docs.codehaus.org/display/XFIRE/HTTP+Transport

--- Arian Rodrigo Pasquali wrote:

> My dynamic client must present a certificate to
> another server that hosts a web service within SSL.
> 
> My URL:
> https://homologacao.nfe.sefaz.rs.gov.br/ws/nferecepcao/NfeRecepcao.asmx?WSDL
> 
> But I've got this exception when I create the Client
> 
> Thread-8, SEND TLSv1 ALERT:  fatal, description = certificate_unknown
> Thread-8, WRITE: TLSv1 Alert, length = 2
> [Raw write]: length = 7
> 0000: 15 03 01 00 02 02 2E                               .......
> Thread-8, called closeSocket()
> Thread-8, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
> 18:44:09,510 ERROR [WSSender] sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
> 
>         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
>         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
>         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:847)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
>         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
>         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)
>         at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
>         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
>         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
>         at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)
>         at java.net.URL.openStream(URL.java:1007)
>         at org.codehaus.xfire.client.Client.(Client.java:246)
>         at com.neogrid.integrator.components.ws.WSSender.sendMessage(WSSender.java:169)
>         at com.neogrid.integrator.jbi.SenderLegacyComponent.transform(SenderLegacyComponent.java:61)
>         at org.apache.servicemix.components.util.TransformComponentSupport.onMessageExchange(TransformComponentSupport.java:66)
>         at org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:624)
>         at org.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:170)
>         at org.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:177)
>         at org.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:227)
>         at org.apache.geronimo.connector.work.WorkerContext.run(WorkerContext.java:291)
>         at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(Unknown Source)
>         at java.lang.Thread.run(Thread.java:595)
> 
> code
> 
> System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
> System.setProperty("javax.net.debug", "all");
> System.setProperty("java.security.debug", "all");
> 
> System.setProperty("javax.net.ssl.keyStore",
>     "D:/work/ncp/integrator/5.0/modules/integrator-components/integrator-component-binding-ws/src/main/java/com/neogrid/integrator/components/ws/security/datasul.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "datasul");
> System.setProperty("javax.net.ssl.trustStore",
>     "D:/work/ncp/integrator/5.0/modules/integrator-components/integrator-component-binding-ws/src/main/java/com/neogrid/integrator/components/ws/security/datasul.jks");
> System.setProperty("javax.net.ssl.trustStorePassword", "datasul");
> 
> Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
> 
> URL urlEndPoint = new URL(url);
> Client client = new Client(urlEndPoint); // <- exception here
> 
> I had implemented a handler to manipulate the
> OutMessages as I saw in the XFire samples, but the error
> occurs before XFire calls my handler.
> 
> Any idea?
> 
> Arian Rodrigo Pasquali
> Development
> [EMAIL PROTECTED]
> Tel. +55 (47) 3802-8446
> www.neogrid.com.br
> 
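
The per-target SSLContext arrangement Ankur describes, and the trust-anchor requirement behind the quoted PKIX failure, as an added example in plain JSSE (not code from this thread, XFire, or Commons HttpClient). The class name PerTargetTls and the environment variable names KS_PASS and TS_PASS are assumptions made for the illustration; wiring the resulting context into an HttpClient socket factory is not shown.

```java
import java.io.*;
import java.security.KeyStore;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.*;

public class PerTargetTls {
    private final Map<String, SSLContext> contexts = new ConcurrentHashMap<>();

    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Binds one client identity and one set of trust anchors to exactly one host:port,
    // instead of setting JVM-wide javax.net.ssl.* properties.
    public void register(String host, int port, KeyStore identity, char[] keyPassword,
                         KeyStore trustAnchors) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, keyPassword);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustAnchors); // must hold the CA chain that issued the server certificate
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        contexts.put(host + ":" + port, ctx);
    }

    // Handshakes with the target's own context; unregistered targets are refused.
    public SSLSocket connect(String host, int port) throws Exception {
        SSLContext ctx = contexts.get(host + ":" + port);
        if (ctx == null) throw new IllegalStateException("no TLS material for " + host + ":" + port);
        SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        SSLParameters params = socket.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS"); // certificate must name the host
        socket.setSSLParameters(params);
        // Missing trust anchors surface here as SSLHandshakeException (PKIX path building failed).
        try { socket.startHandshake(); } catch (Exception e) { socket.close(); throw e; }
        return socket;
    }

    // Usage: java PerTargetTls <host> <port> <identity.jks> <trust.jks>; passwords in KS_PASS / TS_PASS.
    public static void main(String[] args) throws Exception {
        PerTargetTls tls = new PerTargetTls();
        char[] ksPass = System.getenv("KS_PASS").toCharArray();
        char[] tsPass = System.getenv("TS_PASS").toCharArray();
        int port = Integer.parseInt(args[1]);
        tls.register(args[0], port, load(args[2], ksPass), ksPass, load(args[3], tsPass));
        try (SSLSocket s = tls.connect(args[0], port)) { System.out.println("negotiated " + s.getSession().getProtocol()); }
    }
}
```

Keeping the identity keystore separate from the trust store, and reading passwords from outside the source, means each target's key material stays scoped to that target.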
