0

I'm trying to make an https soap request but I get this error :

Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking *** : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)

The probleme is when I use the system properties : 

System.setProperty("javax.net.ssl.trustStore", certPath);
System.setProperty("javax.net.ssl.trustStorePassword", certPasswd);

I don't get the error, but when I try to load the trust store manually it doesn't seem to work : 

TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore trustStore = KeyStore.getInstance("JKS");
    trustStore.load(new FileInputStream(certPath), certPasswd.toCharArray());
    tmFactory.init(trustStore);

    SSLContext sslContext = SSLContext.getInstance("SSLv3");
    sslContext.init(null , tmFactory.getTrustManagers(), null);
    bp.getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());

I get the exception mentioned above, any idea on how to solve it ?

Ilias Yahia
  • 1
  • 1
  • there are many similar questions, did you check them ? Why do you choose SSLv3, as it is disabled by default on recent Java ? What is your Java version ? – Eugène Adell Mar 15 '18 at 10:00
  • Yes I've tried every possible solution on the internet, yes I've used SSL TLS and SSLv3 nothing worked, when I use `System.setProperty("javax.net.debug", "all");` to view the certificates but when the method invocation is called Java uses the default JVM certificates and not the I specified – Ilias Yahia Mar 15 '18 at 10:18
  • It's unclear what you want to do. If you just want to accept the server's certificate for a SOAP request, those 2 properties are enough (with setProperty or a JVM option -D is the same, but I think an option is easier). TrustManagerFactory is not required there. – Eugène Adell Mar 15 '18 at 10:57
  • For local developement it's okay, but they don't to use system properties on production server – Ilias Yahia Mar 15 '18 at 13:02

0 Answers0