JBoss Community

Re: https web service hangs when using wssecurity

created by Kerry Ward in JBoss Web Services - View the full discussion

This statement is false:

 

I have another service that I did with JBoss 4.2.3.GA and JDK 5 that uses https and is working just fine.  I tried to connect to it using JBoss 5.1.0.GA and JDK 6 and it has the same problem as my new service.


Somewhere along the way I got wires crossed.  The existing web service call is working in JBoss 5.1.0.GA and JDK 6.  So now I just need to concentrate on my new service.

 

I added the environment variable  -Djavax.net.debug=all and shortly before hanging I get this output

 

 

New I/O client worker #1-1, fatal error: 46: General SSLEngine problem
sun.security.validator.ValidatorException: Violated path length constraints
New I/O client worker #1-1, SEND TLSv1 ALERT:  fatal, description = certificate_unknown
New I/O client worker #1-1, WRITE: TLSv1 Alert, length = 2
New I/O client worker #1-1, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2E                               .......
New I/O client worker #1-1, called closeOutbound()
New I/O client worker #1-1, closeOutboundInternal()
Keep-Alive-Timer, called close()
Keep-Alive-Timer, called closeInternal(true)
Keep-Alive-Timer, SEND TLSv1 ALERT:  warning, description = close_notify


I checked the WSDL location (https://x.asite.org/pay/service/ExtendedStatus?WSDL) and the certificate checks out.  It is named *.asite.org and signed by DigiCert.  My debug also shows that DigiCert is in my truststore.  However, the wsdl references

targetNamespace="https://www.bsite.gov/pay/service".  When I go here in the browser I get a certificate error - it is using the same *.asite.org certificate at www.bsitehttp://www.bsite.g.gov, which is clearly wrong. 

 

Will JBossWS trip up on a targetnamespace, where other tools do not?  I've notified the producer of the service of the inconsistency, but I am wondering if there is a way to quickly test/confirm the issue without having to wait for them to fix things on their side?

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community