I have to consume a webservice done in Axis with my Java web application (that runs on Tomcat). The company that made the webservice uses HTTPS and a certificate self signed for testing.
I have run a Netbeans wizzard to generate a Webservice based on the WSDL, and that is done correctly. If I enter to the website of the webservice using a browser, I get a warning because of the SSL certificate, and I have to create an exception.
When trying to run my code, I get exceptions when the SSL connection is made. The exceptions are:
1.
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
and some times (without changing the code)
2.
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I imagine that I have to incorporate a certificate into the Java VM and/or Tomcat, and also tells to ignore that is not a trusted source.
How to do this? How to consume this secure webservice correctly?
If the information I provide is not enough, please ask for more.
Thanks
Ezequiel
UPDATE:
I have tried this two things, both without success, the exceptions are the same.
Option 1)
System.setProperty("javax.net.ssl.trustStore","/home/serverapp/BSS-cert.p12");
System.setProperty("javax.net.ssl.trustStorePassword","password");
System.setProperty("javax.net.ssl.trustStoreType","PKCS12");
Option 2) KeyStore ks = KeyStore.getInstance( "pkcs12" ); ks.load( new FileInputStream("/home/serverapp/BSS-cert.p12"), "password".toCharArray() );
KeyStore jks = KeyStore.getInstance( "JKS" );
jks.load( null );
KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
kmf.init( ks, "f0p6k9n2".toCharArray() );
TrustManagerFactory tmf = TrustManagerFactory.getInstance( "SunX509" );
tmf.init( jks );
SSLContext ctx = SSLContext.getInstance( "TLS" );
ctx.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );
Also, as I thought that may be the problem was the web service, I tried to stablish an HTTPS connection, and it fails with the same error when openning an input stream.
String httpsURL = "https://serverurl:443/theservice?wsdl";
URL myurl = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();
InputStream ins = con.getInputStream(); //Exception here!
InputStreamReader isr = new InputStreamReader(ins);
BufferedReader in = new BufferedReader(isr);
I think you have to configure, that the unsigned certificate can be trusted. Maybe this will help you.