I was playing around with the WSDL First HTTPS sample distributed with
apache 2.2.3. I got it working out of the box as one might have
expected, I did however run into a problem when changing around the
client to use the remote WSDL published by the service instead of the
local file. When I do this I get the following exception:
Caused by: javax.wsdl.WSDLException: WSDLException:
faultCode=PARSER_ERROR: Problem parsing 'https://llanowar:9001/HelloWorldService?wsdl'
.: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at
org
.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:
210)
at
org
.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:
175)
at
org
.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:91)
... 9 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:
150)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:
1584)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:
174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:
168)
at
com
.sun
.net
.ssl
.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:
848)
at
com
.sun
.net
.ssl
.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:
433)
at
com
.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:
877)
at
com
.sun
.net
.ssl
.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:
1089)
at
com
.sun
.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:
1116)
at
com
.sun
.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:
1100)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
402)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun
.net
.www
.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:
951)
at
sun
.net
.www
.protocol
.https
.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at
com
.sun
.org
.apache
.xerces
.internal
.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:973)
at
com
.sun
.org
.apache
.xerces
.internal
.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:
184)
at
com
.sun
.org
.apache
.xerces
.internal.parsers.XML11Configuration.parse(XML11Configuration.java:798)
at
com
.sun
.org
.apache
.xerces
.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764)
at
com
.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:
148)
at
com
.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:
250)
at
com
.sun
.org
.apache
.xerces
.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:292)
... 15 more
It seems that the code that obtains the remote WSDL (WSDLReaderImpl)
is not using the trust manager configuration set in the spring
configuration file (WibbleClient.xml). I can get to work if I set
the “javax.net.ssl.trustStore“ system property to the trust store I
configured in WibbleClient.xml, however this seems redundant and I
would think that the underlying client code would use a single point
of configuration, am I missing something?, is this intentional?, or is
this a bug? Thanks in advance.
--Steve
Stephen Langella
Co-Founder
Inventrio, LLC
www.inventrio.com
[email protected]
