Could anyone help me with that.
I found that the stub client in fact does not work with HTTPS either. The SSLHandshakeException happens in the stub client too.
Regards,
Xinjun
On 4/17/06, Xinjun Chen <[EMAIL PROTECTED]> wrote:
I am trying to invoke a web service (TraderService) deployed in web
logic server 8.1 using Axis client. It works fine whether I use stub
or dynamic invocation. Then I try to invoke the service using HTTPS. I
have already configured web logic server to enable HTTPS.
I tried the stub client using HTTPS, it works. But it failed when I
use dynamic invocation.
In both the stub client and dynamic invocation client, I have inserted
the following code snippet to by pass the cert validation.
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
{ }
public void checkServerTrusted(
java.security.cert.X509Certificate[]
certs, String authType) { }
} };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
The above code is supposed to by pass the cert validation, yet it only
succeeds in the stub client, and failed in the stubless client. In the
stubless client, I get the following error message,
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException :
sun.security.validator.ValidatorException: No trusted certificate
found
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException :
sun.security.validator.ValidatorException: No trusted certificate
found
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a (DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket (HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit (InvocationStrategy.java:32)
Could anyone tell me what else I need to do to by pass the cert
validation? The client code uses Axis 1.2.1.
Regards,
Xinjun
