0

I developed a Spring SOAP web service secured with x509 as described in the x-509-spring-rest-web-service-tutorial (I adapted it for the SOAP WS). It works fine. I can communicate with the service through the browser (to get WSDL or to check health) or SOAP UI (to make requests). SOAP UI configuration for it was tricky.

Then I've implemented a Spring client to communicate with the server according to the spring-soap-client-tutorial. It works.

Now I'm trying to facilitate a secure communication with x509. I'm stuck on the build. To build I use this command:

clean compile \
  -Djavax.net.ssl.trustStore=src/main/resources/truststore.jks \
  -Djavax.net.ssl.trustStoreType=JKS \
  -Djavax.net.ssl.trustStorePassword=password

I get the exception:

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

I suppose my truststore isn't correct. I put the CA with the signed server certificate there. What should it contain? What else may I do wrong?

user1648825

1 Answer

1

You want stable, repeatable builds so do not compile online resources.
Make local copies of online resources and use catalog files to rewrite absolute URLs to point to local copies.

Save your https://www.acme.com/foo/schema.xsd as src/main/resources/www.acme.com/foo/schema.xsd.

Write a catalog file:

REWRITE_SYSTEM "https://www.acme.com" "www.acme.com"

Use it in your build:

<catalog>src/main/resources/catalog.cat</catalog>
<schemas>
    <schema>
        <url>https://www.acme.com/foo/schema.xsd</url>
    </schema>
</schemas>

I don't think the SSL problem is worth fighting here. But try -Djavax.net.debug=all to debug it.

lexicore
  • I run `mvn clean compile` and get an exception `Failed to execute goal org.jvnet.jaxb2.maven2:maven-jaxb2-plugin:0.13.1:generate (default) on project myproject: Unable to parse configuration of mojo org.jvnet.jaxb2.maven2:maven-jaxb2-plugin:0.13.1:generate for parameter schema: Cannot find setter, adder nor field in org.jvnet.jaxb2.maven2.ResourceEntry for 'schema'`. What may I do wrong? – user1648825 Nov 05 '16 at 09:32
  • One `schema` element was duplicated. Corrected now. – lexicore Nov 05 '16 at 09:45
  • Thank you. It works. Now I get the bad certificate exception at the start of my client. – user1648825 Nov 05 '16 at 16:34
  • @user1648825 That's a different problem. – lexicore Nov 06 '16 at 09:14
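A build-time check for the catalog approach in the answer, as an added example that is not part of the original thread: it applies the `REWRITE_SYSTEM` rules to each schema URL and reports any schema the build would still fetch over the network. The function names and the `example.org` URL are hypothetical; it assumes the catalog contains only `REWRITE_SYSTEM` entries, that the longest matching prefix wins, and that a relative replacement resolves against the catalog file's directory.

```python
import re
import tempfile
from pathlib import Path

# Matches catalog lines such as: REWRITE_SYSTEM "https://www.acme.com" "www.acme.com"
REWRITE = re.compile(r'^\s*REWRITE_SYSTEM\s+"([^"]+)"\s+"([^"]+)"\s*$', re.M)


def load_rewrites(catalog_text):
    """Return (prefix, replacement) pairs, longest prefix first."""
    return sorted(REWRITE.findall(catalog_text), key=lambda p: len(p[0]), reverse=True)


def resolve(url, rewrites, catalog_dir):
    """Map a schema URL to a path under the catalog's directory, or None if no rule covers it."""
    for prefix, replacement in rewrites:
        if url.startswith(prefix):
            return Path(catalog_dir, replacement + url[len(prefix):])
    return None


def audit(urls, catalog_path):
    """Return {url: reason} for every schema the build would still fetch remotely."""
    rewrites = load_rewrites(Path(catalog_path).read_text())
    problems = {}
    for url in urls:
        local = resolve(url, rewrites, Path(catalog_path).parent)
        if local is None:
            problems[url] = "no REWRITE_SYSTEM rule"
        elif not local.is_file():
            problems[url] = f"missing local copy: {local}"
    return problems


def demo():
    """Constructed sample tree mirroring the layout in the answer."""
    with tempfile.TemporaryDirectory() as tmp:
        res = Path(tmp, "src/main/resources")
        (res / "www.acme.com/foo").mkdir(parents=True)
        (res / "www.acme.com/foo/schema.xsd").write_text("<xs:schema/>")
        (res / "catalog.cat").write_text('REWRITE_SYSTEM "https://www.acme.com" "www.acme.com"\n')
        urls = ["https://www.acme.com/foo/schema.xsd",   # rule matches, local copy present
                "https://www.acme.com/bar/other.xsd",    # rule matches, local copy missing
                "https://example.org/types.xsd"]         # constructed URL with no rule
        return audit(urls, res / "catalog.cat")


if __name__ == "__main__":
    print(demo())
```

Run against the real schema URLs from the plugin configuration, an empty result means every schema resolves to a file checked into the repository.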