[jboss-user] [Remoting] - Caused by: sun.security.validator.ValidatorException: No tru
vbatista
do-not-reply at jboss.com
Thu Sep 4 19:06:40 EDT 2008
Hello,
I am using JBoss-4.2.2.GA with Java 1.6.0_04. My application implements a WS client which needs to integrate with an external Web Service. This communication needs to be handled through https.
I have created a jks keystore with the server certificate, and passed its details to JBoss through the System Properties:
| -Djavax.net.ssl.trustStore=/Path-to-file -Djavax.net.ssl.trustStorePassword=password
|
On my development environment I can call the Web Service correctly.
Although, on the production environment, I amgetting the following exception:
| javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message
| at org.jboss.ws.core.jaxws.client.ClientImpl.handleRemoteException(ClientImpl.java:317)
| at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:255)
| at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:164)
| at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
| at $Proxy171.send(Unknown Source)
| at com.xpto.integration.SmsHelper.send(SmsHelper.java:57)
| at com.xpto.services.sms.SMSSenderServiceMBean.run(SMSSenderServiceMBean.java:106)
| at java.lang.Thread.run(Thread.java:619)
| Caused by: java.io.IOException: Could not transmit message
| at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:204)
| at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
| at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:337)
| at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:243)
| ... 6 more
| Caused by: org.jboss.remoting.CannotConnectException: Can not connect http client invoker.
| at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:333)
| at org.jboss.remoting.transport.http.HTTPClientInvoker.transport(HTTPClientInvoker.java:135)
| at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
| at org.jboss.remoting.Client.invoke(Client.java:1634)
| at org.jboss.remoting.Client.invoke(Client.java:548)
| at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:183)
| ... 9 more
| Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
| at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
| at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
| at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
| at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
| at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
| at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
| at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
| at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:832)
| at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
| at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:275)
| ... 14 more
| Caused by: sun.security.validator.ValidatorException: No trusted certificate found
| at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
| at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
| at sun.security.validator.Validator.validate(Validator.java:218)
| at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
| at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
| at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
| ... 26 more
|
Both systems are configured with the same JBoss, JVM, ...
The certificate details are:
| Owner=
| CN=*...., OU=..., O=..., L=..., ST=..., C=PT
| Issuer=
| CN=..., O=..., C=PT
| Version=3
| Serial Number=BC81A81843E26C2597CD10354588F61E
| Valid From=Monday, 3 March 2008 18:50
| Valid Until=Tuesday, 3 March 2009 18:50
| Signature Algorithm=SHA1withRSA
|
| Fingerprints=
| MD5: 0A:A6:89:92:A4:CF:17:74:7C:4E:20:63:6B:81:AE:85
| SHA1: 35:01:74:8C:35:AB:9F:02:7B:23:3F:15:5E:73:C6:4D:DD:BB:C0:7A
| Key Usage= critical
| List:
| . digitalSignature
| . keyEncipherment
| . dataEncipherment
| . keyAgreement
| Extended Key Usage= none
|
On production I have also tried adding the following properties:
| -Djavax.net.ssl.keyStore=/Path-to-file -Djavax.net.ssl.keyStorePassword=password
|
But I still get the error.
Any one has any hint for this problem? Is there any property which I can define to ignore untrusted certificates?
Any help would really be welcome.
Thanks in advance.
Best regards,
Victor Batista
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4174436#4174436
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4174436
More information about the jboss-user
mailing list