
Re: HTTPS connection

by stlecho

Hi Asankha,

I've changed the HTTPS Transport sender and the following error message disappeared: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target".

But now I'm receiving another one :o(: "com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character '"' (code 34) in DOCTYPE declaration; expected a space between public and system identifiers".

The only modification I've made is changing the trustStore parameter of the HTTPS Transport Sender in the webapp\WEB-INF\classes\conf\axis2.xml file. Based on the stacktrace I'm not able to determine which document causes this error. The modified axis2.xml file does not contain a DOCTYPE declaration.

Stacktrace:
2008-03-05 17:20:01,567 [192.168.13.175-INFOR2] [I/O dispatcher 3] ERROR ClientHandler Received an unexpected response - of content type : text/html; charset=iso-8859-1 and status code : 404 with reason : Not Found
2008-03-05 17:20:01,582 [192.168.13.175-INFOR2] [HttpClientWorker-1] ERROR ClientWorker Unexpected response received
org.apache.axiom.om.OMException: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character '"' (code 34) in DOCTYPE declaration; expected a space between public and system identifiers
 at [row,col {unknown-source}]: [1,50]
        at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:239)
        at org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.getSOAPEnvelope(StAXSOAPModelBuilder.java:161)
        at org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.<init>(StAXSOAPModelBuilder.java:110)
        at org.apache.axis2.builder.BuilderUtil.getSOAPBuilder(BuilderUtil.java:609)
        at org.apache.axis2.transport.TransportUtils.createDocumentElement(TransportUtils.java:178)
        at org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:111)
        at org.apache.synapse.transport.nhttp.ClientWorker.run(ClientWorker.java:160)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
        at java.lang.Thread.run(Thread.java:595)

PS: I'm using ESB v1.6.

Regards, Stefan Lecho.

asankha wrote:
Hi Stefan
> In order to setup an SSL connection with the Axis2-based client, we've added
> the following: "System.setProperty("javax.net.ssl.trustStore",
> "d:/path_to_file/name_of_keystore");
> System.setProperty("javax.net.ssl.trustStorePassword", "secret");".
>
> In ESB, I've changed the value of the "truststore" parameter to use the same
> truststore used by the Axis2-based client. I've also created a Proxy that
> points to the https webservice. When calling this Proxy, the following error
> is generated: "Caused by: sun.security.validator.ValidatorException: PKIX
> path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target". The used truststore contains
> the SSL certificate of the site.
>  
Which "truststore" parameter did you change? Since you are "calling" an
external HTTPS service, you must edit the HTTPS Transport Sender
configuration as follows, and not the Listener:

    <transportSender name="https" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>identity.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <!-- edit this truststore parameter -->
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>trust.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>
        <!--<parameter name="HostnameVerifier">DefaultAndLocalhost</parameter>
            supports Strict|AllowAll|DefaultAndLocalhost or the default if none specified -->
    </transportSender>

> I'm aware that this question is more related to JKS and SSL configuration,
> but - although I found it out for the Axis2-based client - I'm unable to
> configure it correctly for ESB.
>  
I am confident that this works without any issues if the keystores are
properly configured. Basically I would expect the truststore to contain
the CA certificate of your external server as a "trusted certificate" in
the keystore.

If you can also send me the output of "keytool -v -list -keystore
trust.jks" for your JKS, that would be helpful (please remember to hide
your password from the output generated before you post it here :-))

asankha

_______________________________________________
Esb-java-user mailing list
Esb-java-user@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/esb-java-user
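
A first check on the `keytool -v -list -keystore trust.jks` output requested above, as an added example that is not part of the thread: it parses the verbose listing and reports which trusted certificate entries have an Owner equal to the server certificate's issuer or subject. The sample listing, the DNs, and the names `parse_entries` and `matching_trusted_certs` are constructed for illustration, and the exact keytool layout is assumed to match the sample.

```python
import re

# Constructed sample in the layout keytool prints for -v -list (not output from the thread).
SAMPLE = """\
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: backend-ca
Entry type: trustedCertEntry

Owner: CN=Example Root CA, O=Example, C=BE
Issuer: CN=Example Root CA, O=Example, C=BE

*******************************************

Alias name: esb
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=esb.example.test, O=Example, C=BE
Issuer: CN=esb.example.test, O=Example, C=BE
"""

FIELDS = {"Entry type": "type", "Owner": "owner", "Issuer": "issuer"}


def norm_dn(dn):
    # Simplified comparison: ignores case and spacing around commas; escaped commas are not handled.
    return ",".join(part.strip().lower() for part in dn.split(","))


def parse_entries(text):
    """Return one dict per keystore entry: alias, type, owner and issuer of its first certificate."""
    entries = []
    for block in re.split(r"(?m)^Alias name: ", text)[1:]:
        lines = block.splitlines()
        entry = {"alias": lines[0].strip(), "type": None, "owner": None, "issuer": None}
        for line in lines[1:]:
            m = re.match(r"(Entry type|Owner|Issuer): (.*)", line.strip())
            if m and entry[FIELDS[m.group(1)]] is None:
                entry[FIELDS[m.group(1)]] = m.group(2).strip()
        entries.append(entry)
    return entries


def matching_trusted_certs(text, server_subject, server_issuer):
    """Aliases of trustedCertEntry entries whose Owner is the server's issuer (CA) or the server itself."""
    wanted = {norm_dn(server_subject), norm_dn(server_issuer)}
    return [e["alias"] for e in parse_entries(text)
            if e["type"] == "trustedCertEntry" and e["owner"] and norm_dn(e["owner"]) in wanted]
```

An empty result means no trusted certificate entry names the server or its issuer, which is consistent with the "unable to find valid certification path" error. A DN match is only a first check and does not replace the signature and validity checks done during path validation.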
