File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes PKIX path building failed” and “unable to find valid certification path to requested target Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "PKIX path building failed” and “unable to find valid certification path to requested target" Watch "PKIX path building failed” and “unable to find valid certification path to requested target" New topic
Forums: Glassfish Security
Author

PKIX path building failed” and “unable to find valid certification path to requested target

Pranav Kristam
Greenhorn

Joined: Aug 21, 2014
Posts: 8
Hi,

My application is written in java (apache axis-1.4) and the service provider application is written in .Net webservices which is exposed through https endpoint URL.

By using below mentioned stand alone program I am able to connect with third party .Net web services and getting response. But when I implemented the same code in application and deploy on glassfish 2.1.1 server i am getting an exception as "PKIX path building failed” and “unable to find valid certification path to requested target".

please let us know how to make it work when deployed on glassfish server. do i need any additional configuration changes need to be done on Glassfish to consume the .Net webservices.

Stand alone Program:
===============

String endpoint = "https://thirdparty:8443/Orderservice.svc";

System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.keyStore","security_com.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "sec2014!!");
System.setProperty("javax.net.debug", "ssl");


/*System.setProperty("javax.net.ssl.trustStore","sec.keystore");
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStorePassword", "importkey");*/

try {
Service service = new Service();
Call call = (Call) service.createCall();
call.setTargetEndpointAddress(new java.net.URL(endpoint));
QName qname = new QName(endpoint + "/", "OrderAction");
call.setOperationName(qname);
call.addParameter("Order", org.apache.axis.Constants.XSD_STRING,
javax.xml.rpc.ParameterMode.IN);
call.setReturnType(org.apache.axis.Constants.XSD_INT);
call.setSOAPActionURI("urn:BMWLabelOrderIntf-IBMWLabelOrder#OrderAction");
Object[] arg1 = new Object[] { "abc" };
Object result1 = call.invoke(arg1);
System.out.println("result1 --> " + result1);
} catch (MalformedURLException urlException) {
urlException.printStackTrace();
} catch (ServiceException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (AxisFault e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RemoteException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Welcome to the Ranch. See the last entry in the http://www.coderanch.com/how-to/java/SecurityFaq.

As an aside, you should upgrade to a current version of Axis - 1.4 is from 2006!


Ping & DNS - my free Android networking tools app
Pranav Kristam
Greenhorn

Joined: Aug 21, 2014
Posts: 8
Thanks for the reply. Due to some reasons on PROD environment i can't add keystore / trust store to $JAVA_HOME/jre/lib/security directory. Generating those to some other directory and using the same path in the code. Still running in to same issue. Please assist me to resolve the same.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
The server may be able to use another keystore (e.g., for Tomcat you would configure this in server.xml). Consult the GlassFish documentation whether that's possible. It's probably easier to use the standard way, though - talk to the sys admin about that.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: PKIX path building failed” and “unable to find valid certification path to requested target