Hello Guys, Colm : I did add the certificates to for e.g. in the Firefox explicitly.
Following http://aruld.info/programming-ssl-for-jetty-based-cxf-services/ for my Dynamic Client, I try to do somthing like below : 1. JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.newInstance(); 2. Client client = dcf.createClient(" https://localhost:9001/ApexCollateral/ing/services/wss/agreementDemo/2.0?wsdl "); 3. configureSSLOnTheClient(client); 4. Object[] res = client.invoke("getAgreementDemoIdentifier", new Integer(1)); Theoretically it should have worked, but it fails with an exception like "org.apache.cxf.service.factory.ServiceConstructionException: Could not resolve URL "https://localhost:9001/someService/2.0?wsdl".";, while excetuing *line number 2 (*logs attached*) *that is even before line 3 where I could setup the truststore, manually. I really want to use the Dynamic Client approach in the test cases to test my web services. I assume, along with the testing services, with this approach I also validate auto code generation for clients, which would be used eventually by the consumers (by exposed wsdls). Please help, Thanks, Himanshu. On Mon, Jun 25, 2012 at 2:51 PM, Glen Mazza <[email protected]> wrote: > Personally, for SSL, I would recommend using a standalone servlet > container like Tomcat to host your web service (http://www.jroller.com/** > gmazza/entry/ssl_for_web_**services<http://www.jroller.com/gmazza/entry/ssl_for_web_services>), > I wouldn't rely on Endpoint.publish() for production, especially if you're > using SSL. > > For your dynamic client, as the link above mentions, the certs will need > to be in the "cacerts" file used by the JRE that is running the dynamic > client--or another truststore file that you configure--the browser is > irrelevant as it's not being used there. > > HTH, > Glen > > > On 06/25/2012 07:46 AM, Himanshu Gupta wrote: > >> Hello Experts, >> >> Quite new to CXF, having a usecase where I need to expose our existing >> services as webservices. App is a standalone server, so am using embedded >> jetty with https. Everything works fine, except that when I hit the server >> with the wsdl url through a browser (any browser), I get >> "javax.net.ssl.**SSLHandshakeException: no cipher suites in common". >> >> This could be reproduced if you just run the wsdl_first_https server and >> hit the url >> https://localhost:9001/**SoapContext/SoapPort?wsdl<https://localhost:9001/SoapContext/SoapPort?wsdl>. >> Please help >> escape this problem. >> >> Also the client in the wsdl_first_https works. But if I try to use the >> Dynamic Client (thats a requirement), it fails as well, as it could not >> find the wsdl. The Dynamic client looks somthing like below : >> >> >> JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.** >> newInstance(); >> Client client = dcf.createClient(" >> https://localhost:443/**someservice/2.0?wsdl<https://localhost:443/someservice/2.0?wsdl> >> <https://**localhost/someservice/2.0?wsdl<https://localhost/someservice/2.0?wsdl> >> **> >> >> "); >> Object[] res = client.invoke(jnew >> QName("http://someNameSpace/<h**ttp://somenamespace/<http://somenamespace/> >> >", >> >> "getSomeIdentifier"), new Integer(1)); >> >> PS : I have already tried adding the certs to the browser. >> >> Thanks in Advance, >> >> > > -- > Glen Mazza > Talend Community Coders > coders.talend.com > blog: www.jroller.com/gmazza > > -- Himanshu Gupta.
org.apache.cxf.service.factory.ServiceConstructionException: Could not resolve URL "https://localhost:9001/someService/2.0?wsdl";. at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(DynamicClientFactory.java:569) at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:259) at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:204) at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:197) at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:152) at com.comp.agreement.service.AgreementServiceDemoWSIntegrationTest.testGetAgreementIdentifierWithDynamicClient(AgreementServiceDemoWSIntegrationTest.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at junit.framework.TestCase.runTest(TestCase.java:154) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests.runManaged(AbstractJUnit38SpringContextTests.java:334) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests.access$0(AbstractJUnit38SpringContextTests.java:326) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests$1.run(AbstractJUnit38SpringContextTests.java:216) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests.runTest(AbstractJUnit38SpringContextTests.java:296) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests.runTestTimed(AbstractJUnit38SpringContextTests.java:253) at org.springframework.test.context.junit38.AbstractJUnit38SpringContextTests.runBare(AbstractJUnit38SpringContextTests.java:213) at junit.framework.TestResult$1.protect(TestResult.java:106) at junit.framework.TestResult.runProtected(TestResult.java:124) at junit.framework.TestResult.run(TestResult.java:109) at junit.framework.TestCase.run(TestCase.java:118) at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197) Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) at org.apache.cxf.resource.URIResolver.tryFileSystem(URIResolver.java:167) at org.apache.cxf.resource.URIResolver.<init>(URIResolver.java:90) at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(DynamicClientFactory.java:561) ... 26 more Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) at sun.security.validator.Validator.validate(Validator.java:218) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185) ... 40 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ... 46 more
