Hi Christian,
Take a look at this thread.
http://marc.theaimsgroup.com/?l=axis-user&m=110211375809714&w=2
What we had to do was to create a custom
socket factory that trusted all certs, and then point Axis at our factory class
via the meta-inf stuff.
-----Original Message-----
From: Faucher, Christian [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 11, 2005
3:10 PM
To: [EMAIL PROTECTED]
Subject: Disabling Certification
validation in HTTPS
I have a SOAP Server that does not
have (yet) its trusted certificate, but nonetheless runs in HTTPS. For
instance, we can use portals on it, providing we accept the fact the server
cannot authenticate itself.
I run a Axis client that connects to
this server, using a HTTPS:// URL. However, the client fails, saying that
the server has no trusted certificate (see exception below).
Is there a way in Axis to configure
an Axis client
to accept the SSL connection, no matter if the certificate is valid/trusted/found?
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: No trusted certificate found
at
org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at
org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:97)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.client.AxisClient.invoke(AxisClient.java:147)
at
org.apache.axis.client.Call.invokeEngine(Call.java:2719)
at
org.apache.axis.client.Call.invoke(Call.java:2702)
at
org.apache.axis.client.Call.invoke(Call.java:1738)
at
axa.Main.main(Main.java:90)
at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at
java.lang.reflect.Method.invoke(Method.java:324)
at
com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
Caused
by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: No trusted certificate found
at
com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
at
org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at
org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:131)
at
org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:370)
at
org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:88)
...
13 more
Caused
by: sun.security.validator.ValidatorException: No trusted certificate found
at
sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
at
sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
at
sun.security.validator.Validator.validate(Validator.java:202)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA12275)
at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA12275)
...
23 more
Exception
in thread "main"
"Ce
message est confidentiel, a l'usage exclusif du destinataire ci-dessus et son
contenu ne represente en aucun cas un engagement de la part de AXA, sauf en cas
de stipulation expresse et par ecrit de la part de AXA. Toute publication,
utilisation ou diffusion, meme partielle, doit etre autorisee prealablement. Si
vous n'etes pas destinataire de ce message, merci d'en avertir immediatement
l'expediteur."
"This e-mail message is confidential, for the exclusive use of the
addressee and its contents shall not constitute a commitment by AXA, except as
otherwise specifically provided in writing by AXA. Any unauthorized disclosure,
use or dissemination, either whole or partial, is prohibited. If you are not
the intended recipient of the message, please notify the sender
immediately."
|
