[jboss-user] [JBossWS] - Question on accessing keystore/truststore that is not relati
do-not-reply at jboss.com
Wed Oct 25 12:56:36 EDT 2006
I have a secured web service which is deployed to a secured port. The service is implemented using EJB and JSR181 annonations on the server-side, the client-side is also an EJB. Both are deployed as EAR files. My application runs in the background of a web application which uses SSL/TLS. As part of the the foreground web application, certificates are exchanged and are imported into the appropriate truststore and keystores. My diliema is that I want to use the same keystore and truststore with my client and service. I have the following in my jboss-wsse-client.xml file:
and the same in my jboss-wsse-server.xml file. I am getting the following error when I try to access my service:
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Everything that I have read on this particular exception says that it indicates that the certificate has not been imported into the truststore; however, I have used keytool to verify that the appropriate certs are in the appropriate places. I believe that I am getting this error because the location that I am giving for the keystore and truststore is located on the filesystem outside of the EJB deployment EAR file and it can not find the keystore/truststore.
Can someone validate or invalidate my conclusion? and if my assumption is correct, can someone tell me if it is possible to access a keystore/truststore outside of the relative deployment of the EJB?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980776#3980776
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980776
More information about the jboss-user