I'm developing Jersey web service. In one of the methods, I'm invoking WSO2 Identity Server API: https://docs.wso2.com/display/IS530/apidocs/self-registration/#!/operations#SelfRegister#mePost
When I try to invoke it howerver, it returns following exception:
SunCertPathBuilderException: unable to find valid certification path to requested target
The code I'm using:
Client restClient = ClientBuilder.newClient();
WebTarget webTarget = restClient.target("https://localhost:9443/api/identity/user/v0.9/me");
String username = "admin";
String separator = ":";
String password = "admin";
// String passphrase = "";
HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic(username, password);
restClient.register(feature);
Invocation.Builder invocationBuilder = webTarget.request(MediaType.APPLICATION_JSON);
invocationBuilder.header("Authorization", "Basic " + Base64.encodeAsString(username + ":" + password));
Response response = invocationBuilder.post(Entity.entity(UserBean.class, MediaType.APPLICATION_JSON));
So where is the problem. I thought that my authentication failed, the log from WSO2 would support it, because it states:
Error occurred while trying to authenticate and Authorization header values are not define correctly.
So I checked the header in the variables of debuger and it is set correctly, all is according to documentation. I also found this question:
Java Certificate Client SSL: unable to find valid certification path to requested target
Which states, that my client doesn't trust the server certificate and that I should import it. Ok, but, i'm not using any keystore on level of Java or Jersey, where would I put such keystore? Also to note, the Identity Server runs locally uned localhost certificate. When I try to connect from browser, it wanrs me from enetering the site, presumably because client (browser) doesn't trust the certificate as it is self-signed.
