Hi I am trying to connect a webservice using https using client certificate i am getting the following exception. We are using jdk 1.4.2 and using web sphere server..I created key store using keytool and added the certificate. For the web service call i am putting code like this
String[][] props = { { "javax.net.ssl.trustStore", keystore, },
{ "javax.net.ssl.trustStorePassword", "changeit", },
{ "javax.net.ssl.keyStore", keystore, },
{ "javax.net.ssl.keyStorePassword", "changeit", },
{ "javax.net.ssl.keyStoreType", storetype, }, };
for (int i = 0; i < props.length; i++)
System.getProperties().setProperty(props[i][0], props[i][1]);
System.setProperty( "java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol" );
Provider provider = new com.sun.net.ssl.internal.ssl.Provider();
Security.addProvider( provider);
I tried with all combinations but always getting the following exception..When i invoke the same from browser it is working..but not from client application.. any help thanks..
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at org.apache.axis.AxisFault.makeFault(AxisFault.java:129)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:131)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1282)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:673)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2916)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:220)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:204)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1831)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:84)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:469)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:408)
at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:101)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java:566)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java:619)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:952)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1039)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1455)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.v.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.l(Unknown Source)
at com.ibm.jsse2.by.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
... 28 more
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(Unknown Source)
... 37 more