RE: WSDL2Java for HTTPS
Thank you for your reply. Yes the server only allows one I.P. Address
that they specify to talk to it. I can't get them to change this it's
the policy they have in place. How can I get this to work if
certificates for IP address will not work?
-Original Message-
From: r1c4r60 [mailto:[EMAIL PROTECTED]
Sent: Monday, June 25, 2007 3:48 PM
To: axis-user@ws.apache.org
Subject: RE: WSDL2Java for HTTPS
Hi,
"Certificates for IP addresses will not work
Quite simply, issuing and using certificates that authenticate IP
addresses
rather than host names will not work. Don't do it. For anything larger
than
a trivial installation, your CAS server and its clients need real
hostnames
and certificates that authenticate those hostnames (for proxy ticket
functionality). In particular, if you get an error like ("unable to find
valid certification path to requested target") in the CAS server log, it
means that the SSL callback was specified in terms of an IP address
rather
than a hostname."
Quoted from: http://www.ja-sig.org/products/cas/server/ssl/index.html
Does this seem to be your case?
Regards,
Ricardo
Mark Babcock-3 wrote:
>
> I did everything you listed step by step and this is the stack trace I
> get:
>
> [axis-wsdl2java] javax.net.ssl.SSLHandshakeException:
> sun.security.validator.Val
> idatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCe
> rtPathBuilderException: unable to find valid certification path to
> requested tar
> get
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(A
> lerts.java:174)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLS
> ocketImpl.java:1520)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands
> haker.java:182)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands
> haker.java:176)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverC
> ertificate(ClientHandshaker.java:975)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.process
> Message(ClientHandshaker.java:123)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(H
> andshaker.java:511)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.process_recor
> d(Handshaker.java:449)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord
> (SSLSocketImpl.java:817)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performIni
> tialHandshake(SSLSocketImpl.java:1029)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands
> hake(SSLSocketImpl.java:1056)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands
> hake(SSLSocketImpl.java:1040)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.HttpsClient.afterConnect(H
> ttpsClient.java:405)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLCo
> nnection.connect(AbstractDelegateHttpsURLConnection.java:170)
> [axis-wsdl2java]at
> sun.net.www.protocol.http.HttpURLConnection.getInputS
> tream(HttpURLConnection.java:981)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.get
> InputStream(HttpsURLConnectionImpl.java:234)
> [axis-wsdl2java]at
> org.apache.xerces.impl.XMLEntityManager.setupCurrentE
> ntity(Unknown Source)
> [axis-wsdl2java]at
> org.apache.xerces.impl.XMLVersionDetector.determineDo
> cVersion(Unknown Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XML11Configuration.parse(Un
> known Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XML11Configuration.parse(Un
> known Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XMLParser.parse(Unknown Sou
> rce)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.DOMParser.parse(Unknown Sou
> rce)
> [axis-wsdl2java]at
> org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unkn
> own Source)
> [axis-wsdl2java]at
> org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j
> ava:369)
> [axis-wsdl2java]at
> org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j
> ava:420)
> [axis-wsdl2java]at
> org.apache.axis.wsdl.symbolTable.SymbolTable.populate
> (SymbolTable.java:482)
> [axis-wsdl2java]at
> org.apache.axis.wsdl.gen.Parser$WSDLRunnable.run(Pars
> er.java:361)
> [axis-wsdl2java]at java.lang.Thread.run(Thread.java:619)
> [axis-wsdl2java] Caused by: sun.security.validator.ValidatorException:
> PKIX path
> building failed:
> sun.security.provider.certp
RE: WSDL2Java for HTTPS
Have you tried adding the following to the constructor in your generated
code stub? If the path and password matches that of the keystore you
imported the key in, that would help.
System.setProperty(
"java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider( new
com.sun.net.ssl.internal.ssl.Provider() );
System.setProperty("javax.net.ssl.trustStore",
path);
System.setProperty("javax.net.ssl.trustStorePassword", changeit);
-Original Message-
From: r1c4r60 [mailto:[EMAIL PROTECTED]
Sent: Monday, June 25, 2007 2:48 PM
To: axis-user@ws.apache.org
Subject: RE: WSDL2Java for HTTPS
Hi,
"Certificates for IP addresses will not work
Quite simply, issuing and using certificates that authenticate IP
addresses rather than host names will not work. Don't do it. For
anything larger than a trivial installation, your CAS server and its
clients need real hostnames and certificates that authenticate those
hostnames (for proxy ticket functionality). In particular, if you get an
error like ("unable to find valid certification path to requested
target") in the CAS server log, it means that the SSL callback was
specified in terms of an IP address rather than a hostname."
Quoted from: http://www.ja-sig.org/products/cas/server/ssl/index.html
Does this seem to be your case?
Regards,
Ricardo
Mark Babcock-3 wrote:
>
> I did everything you listed step by step and this is the stack trace I
> get:
>
> [axis-wsdl2java] javax.net.ssl.SSLHandshakeException:
> sun.security.validator.Val
> idatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCe
> rtPathBuilderException: unable to find valid certification path to
> requested tar get
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(A
> lerts.java:174)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLS
> ocketImpl.java:1520)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands
> haker.java:182)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands
> haker.java:176)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverC
> ertificate(ClientHandshaker.java:975)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.process
> Message(ClientHandshaker.java:123)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(H
> andshaker.java:511)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.Handshaker.process_recor
> d(Handshaker.java:449)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord
> (SSLSocketImpl.java:817)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performIni
> tialHandshake(SSLSocketImpl.java:1029)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands
> hake(SSLSocketImpl.java:1056)
> [axis-wsdl2java]at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands
> hake(SSLSocketImpl.java:1040)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.HttpsClient.afterConnect(H
> ttpsClient.java:405)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLCo
> nnection.connect(AbstractDelegateHttpsURLConnection.java:170)
> [axis-wsdl2java]at
> sun.net.www.protocol.http.HttpURLConnection.getInputS
> tream(HttpURLConnection.java:981)
> [axis-wsdl2java]at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.get
> InputStream(HttpsURLConnectionImpl.java:234)
> [axis-wsdl2java]at
> org.apache.xerces.impl.XMLEntityManager.setupCurrentE
> ntity(Unknown Source)
> [axis-wsdl2java]at
> org.apache.xerces.impl.XMLVersionDetector.determineDo
> cVersion(Unknown Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XML11Configuration.parse(Un
> known Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XML11Configuration.parse(Un
> known Source)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.XMLParser.parse(Unknown Sou
> rce)
> [axis-wsdl2java]at
> org.apache.xerces.parsers.DOMParser.parse(Unknown Sou
> rce)
> [axis-wsdl2java]at
> org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unkn
> own Source)
> [axis-wsdl2java]at
> org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j
> ava:369)
> [axis-wsdl2java]at
> org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j
> ava:420)
> [axis-wsdl2java]at
> org.apache.axis.wsdl.symbolTable.SymbolTable.populate
> (SymbolTable.java:482)
> [a
RE: WSDL2Java for HTTPS
rity.validator.Validator.validate(Validator.j > ava:218) > [axis-wsdl2java]at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.val > idate(X509TrustManagerImpl.java:126) > [axis-wsdl2java]at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.che > ckServerTrusted(X509TrustManagerImpl.java:209) > [axis-wsdl2java]at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.che > ckServerTrusted(X509TrustManagerImpl.java:249) > [axis-wsdl2java]at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverC > ertificate(ClientHandshaker.java:954) > [axis-wsdl2java]... 23 more > [axis-wsdl2java] Caused by: > sun.security.provider.certpath.SunCertPathBuilderExc > eption: unable to find valid certification path to requested target > [axis-wsdl2java]at > sun.security.provider.certpath.SunCertPathBuilder.eng > ineBuild(SunCertPathBuilder.java:174) > [axis-wsdl2java]at > java.security.cert.CertPathBuilder.build(CertPathBuil > der.java:238) > [axis-wsdl2java]at > sun.security.validator.PKIXValidator.doBuild(PKIXVali > dator.java:280) > [axis-wsdl2java]... 29 more > -Original Message- > From: r1c4r60 [mailto:[EMAIL PROTECTED] > Sent: Monday, June 25, 2007 10:57 AM > To: axis-user@ws.apache.org > Subject: RE: WSDL2Java for HTTPS > > > Hi Mark, > > Most likely you haven't set the Axis Classpath. It could be done in > several > different ways as for example the one described at the Axis Installation > page: > > http://ws.apache.org/axis/java/install.html#ClasspathSetup > > > Or just follow the instruction below: > > Add these lines to your build.xml and it should start working. > > > > > > > > > > /> > > PS. This is a refence to http://ws.apache.org/axis/java/ant/ant.html > > Best Regards, > Ricardo > > > > Mark Babcock-3 wrote: >> >> Ricardo, >> >> Thank you for that amazing help. However, I'm having problems with > the >> ant tag axis-wsdl2java. Getting the name is undefined. >> >> -Original Message- >> From: r1c4r60 [mailto:[EMAIL PROTECTED] >> Sent: Monday, June 25, 2007 9:22 AM >> To: axis-user@ws.apache.org >> Subject: Re: WSDL2Java for HTTPS >> >> >> Hi, >> >> This is a way to solve the WSDL over HTTPS issue reported by so many >> resulting in "No Trusted Certificate". >> >> 1 - Export Certificate from Internet Explorer >> >> 1.1 -> Access the service WSDL location (Ex. https://foo.com/bar?wsdl) >> 1.2 -> Internet explorer will prompt a security alert >> 1.3 -> Select the "View Certificate" button >> 1.4 -> Navigate to the tab "Details" >> 1.5 -> Select the "Copy to File.." button >> 1.6 -> Certificate Export Wizard will be displayed. Select "NEXT" >> button. >> 1.7 -> The option "DER encoded binary X.509 (.CER) will by default be >> selected. Select "Next" >> 1.8 -> Place the file where it suits you better. (Ex. foobar) PS. > Don't >> add >> an extension. It will be store as: [given name].cer >> 1.9 -> Select "Next" >> 1.10 -> The "Completing Certificate Export Wizard" will be displayed. >> 1.11 -> Select "Finish" >> 1.12 -> The will be a pop-up saying "The export was successful" >> >> 2 - Importing the certificate signature into the keystore >> >> 2.1 -> Find out which keystore is being used by ANT by using the >> command: >> ant -diagnostics >> 2.2 -> Lots of information will be displayed. Find the key "java.home" >> (Ex. >> "java.home : C:\j2sdk1.4.2_14\jre") >> 2.3 -> Thereby the truststore being used by ANT is in: >> C:\j2sdk1.4.2_14\jre\lib\security\cacerts >> 2.4 -> Now you have to import the certificate into the keystore: >> "keytool >> -import -trustcacerts -keystore >> "C:\j2sdk1.4.2_14\jre\lib\security\cacerts" >> -storepass changeit -alias [foo bar] -file [the name you gave in step >> 1.8].cer" >> 2.5 -> Verify if the entry was created correctly. >> "C:\j2sdk1.4.2_14\jre\lib\security>keytool -keystore cacerts > -storepass >> changeit -list -alias [foo bar]" >> >> 3 - Run the Ant task >> >> >> >> > output="src/main/java-generated" >> testcase="false" >> verbose="true" >> serverside="false&q
RE: WSDL2Java for HTTPS
I did everything you listed step by step and this is the stack trace I get: [axis-wsdl2java] javax.net.ssl.SSLHandshakeException: sun.security.validator.Val idatorException: PKIX path building failed: sun.security.provider.certpath.SunCe rtPathBuilderException: unable to find valid certification path to requested tar get [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(A lerts.java:174) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLS ocketImpl.java:1520) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands haker.java:182) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Hands haker.java:176) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverC ertificate(ClientHandshaker.java:975) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.ClientHandshaker.process Message(ClientHandshaker.java:123) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(H andshaker.java:511) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.Handshaker.process_recor d(Handshaker.java:449) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord (SSLSocketImpl.java:817) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performIni tialHandshake(SSLSocketImpl.java:1029) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands hake(SSLSocketImpl.java:1056) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHands hake(SSLSocketImpl.java:1040) [axis-wsdl2java]at sun.net.www.protocol.https.HttpsClient.afterConnect(H ttpsClient.java:405) [axis-wsdl2java]at sun.net.www.protocol.https.AbstractDelegateHttpsURLCo nnection.connect(AbstractDelegateHttpsURLConnection.java:170) [axis-wsdl2java]at sun.net.www.protocol.http.HttpURLConnection.getInputS tream(HttpURLConnection.java:981) [axis-wsdl2java]at sun.net.www.protocol.https.HttpsURLConnectionImpl.get InputStream(HttpsURLConnectionImpl.java:234) [axis-wsdl2java]at org.apache.xerces.impl.XMLEntityManager.setupCurrentE ntity(Unknown Source) [axis-wsdl2java]at org.apache.xerces.impl.XMLVersionDetector.determineDo cVersion(Unknown Source) [axis-wsdl2java]at org.apache.xerces.parsers.XML11Configuration.parse(Un known Source) [axis-wsdl2java]at org.apache.xerces.parsers.XML11Configuration.parse(Un known Source) [axis-wsdl2java]at org.apache.xerces.parsers.XMLParser.parse(Unknown Sou rce) [axis-wsdl2java]at org.apache.xerces.parsers.DOMParser.parse(Unknown Sou rce) [axis-wsdl2java]at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unkn own Source) [axis-wsdl2java]at org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j ava:369) [axis-wsdl2java]at org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.j ava:420) [axis-wsdl2java]at org.apache.axis.wsdl.symbolTable.SymbolTable.populate (SymbolTable.java:482) [axis-wsdl2java]at org.apache.axis.wsdl.gen.Parser$WSDLRunnable.run(Pars er.java:361) [axis-wsdl2java]at java.lang.Thread.run(Thread.java:619) [axis-wsdl2java] Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: un able to find valid certification path to requested target [axis-wsdl2java]at sun.security.validator.PKIXValidator.doBuild(PKIXVali dator.java:285) [axis-wsdl2java]at sun.security.validator.PKIXValidator.engineValidate(P KIXValidator.java:191) [axis-wsdl2java]at sun.security.validator.Validator.validate(Validator.j ava:218) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.val idate(X509TrustManagerImpl.java:126) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.che ckServerTrusted(X509TrustManagerImpl.java:209) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.che ckServerTrusted(X509TrustManagerImpl.java:249) [axis-wsdl2java]at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverC ertificate(ClientHandshaker.java:954) [axis-wsdl2java]... 23 more [axis-wsdl2java] Caused by: sun.security.provider.certpath.SunCertPathBuilderExc eption: unable to find valid certification path to requested target [axis-wsdl2java]at sun.security.provider.certpath.SunCertPathBuilder.eng ineBuild(SunCertPathBuilder.java:174) [axis-wsdl2java]at java.security.cert.CertPathBuilder.build(CertPathBuil der.java:238) [axis-wsdl2java]at sun.security.validator.PKIXValidator.doBuild(PKIXVali dator.java:280) [axis-wsdl2java]... 29 more -Original Message- From: r1c4r60 [mailto:[EMAIL PROTECTED] Sent: Monday, June 25, 2007 10:57 AM To: axis-user@ws.apache.org Subject: RE: WSDL2Java for HTTPS Hi Mark, Most likely you haven't set the Axis Classpath. It could be done in several diff
RE: WSDL2Java for HTTPS
Hi Mark, Most likely you haven't set the Axis Classpath. It could be done in several different ways as for example the one described at the Axis Installation page: http://ws.apache.org/axis/java/install.html#ClasspathSetup Or just follow the instruction below: Add these lines to your build.xml and it should start working. PS. This is a refence to http://ws.apache.org/axis/java/ant/ant.html Best Regards, Ricardo Mark Babcock-3 wrote: > > Ricardo, > > Thank you for that amazing help. However, I'm having problems with the > ant tag axis-wsdl2java. Getting the name is undefined. > > -Original Message- > From: r1c4r60 [mailto:[EMAIL PROTECTED] > Sent: Monday, June 25, 2007 9:22 AM > To: axis-user@ws.apache.org > Subject: Re: WSDL2Java for HTTPS > > > Hi, > > This is a way to solve the WSDL over HTTPS issue reported by so many > resulting in "No Trusted Certificate". > > 1 - Export Certificate from Internet Explorer > > 1.1 -> Access the service WSDL location (Ex. https://foo.com/bar?wsdl) > 1.2 -> Internet explorer will prompt a security alert > 1.3 -> Select the "View Certificate" button > 1.4 -> Navigate to the tab "Details" > 1.5 -> Select the "Copy to File.." button > 1.6 -> Certificate Export Wizard will be displayed. Select "NEXT" > button. > 1.7 -> The option "DER encoded binary X.509 (.CER) will by default be > selected. Select "Next" > 1.8 -> Place the file where it suits you better. (Ex. foobar) PS. Don't > add > an extension. It will be store as: [given name].cer > 1.9 -> Select "Next" > 1.10 -> The "Completing Certificate Export Wizard" will be displayed. > 1.11 -> Select "Finish" > 1.12 -> The will be a pop-up saying "The export was successful" > > 2 - Importing the certificate signature into the keystore > > 2.1 -> Find out which keystore is being used by ANT by using the > command: > ant -diagnostics > 2.2 -> Lots of information will be displayed. Find the key "java.home" > (Ex. > "java.home : C:\j2sdk1.4.2_14\jre") > 2.3 -> Thereby the truststore being used by ANT is in: > C:\j2sdk1.4.2_14\jre\lib\security\cacerts > 2.4 -> Now you have to import the certificate into the keystore: > "keytool > -import -trustcacerts -keystore > "C:\j2sdk1.4.2_14\jre\lib\security\cacerts" > -storepass changeit -alias [foo bar] -file [the name you gave in step > 1.8].cer" > 2.5 -> Verify if the entry was created correctly. > "C:\j2sdk1.4.2_14\jre\lib\security>keytool -keystore cacerts -storepass > changeit -list -alias [foo bar]" > > 3 - Run the Ant task > > > > output="src/main/java-generated" > testcase="false" > verbose="true" > serverside="false" > url="https://foo.com/bar?wsdl"/> > > > Best Regards, > Ricardo > > > Mark Babcock-3 wrote: >> >> I am trying to generate stubs with the WSDL2Java tool >> >> I imported my certificate into my keystore (cacerts) using >> >> The keytool. >> >> >> >> When I run my build file I get the following exception: >> >> >> >> [java] javax.net.ssl.SSLHandshakeException: >> sun.security.validator.Validato >> >> rException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPat >> >> hBuilderException: unable to find valid certification path to > requested >> target >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> >> > fork="true"> >> >> >> >> >> >> >> >> >> >> > location="commons-logging-1.0.4.jar" /> >> >> > location="commons-discovery-0.2.jar" /> >> >> >> >> >> >> https://URL/"/> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Building xxx WSDL 2 Java\par >> >> >> >> >> >> >> >> >> >> >> >> >> > > -- > View this message in context: > http://www.nabble.com/WSDL2Java-for-HTTPS-tf3965233.html#a11286558 > Sent from the Axis - User mailing list archive at Nabble.com. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/WSDL2Java-for-HTTPS-tf3965233.html#a11288117 Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: WSDL2Java for HTTPS
Ricardo, Thank you for that amazing help. However, I'm having problems with the ant tag axis-wsdl2java. Getting the name is undefined. -Original Message- From: r1c4r60 [mailto:[EMAIL PROTECTED] Sent: Monday, June 25, 2007 9:22 AM To: axis-user@ws.apache.org Subject: Re: WSDL2Java for HTTPS Hi, This is a way to solve the WSDL over HTTPS issue reported by so many resulting in "No Trusted Certificate". 1 - Export Certificate from Internet Explorer 1.1 -> Access the service WSDL location (Ex. https://foo.com/bar?wsdl) 1.2 -> Internet explorer will prompt a security alert 1.3 -> Select the "View Certificate" button 1.4 -> Navigate to the tab "Details" 1.5 -> Select the "Copy to File.." button 1.6 -> Certificate Export Wizard will be displayed. Select "NEXT" button. 1.7 -> The option "DER encoded binary X.509 (.CER) will by default be selected. Select "Next" 1.8 -> Place the file where it suits you better. (Ex. foobar) PS. Don't add an extension. It will be store as: [given name].cer 1.9 -> Select "Next" 1.10 -> The "Completing Certificate Export Wizard" will be displayed. 1.11 -> Select "Finish" 1.12 -> The will be a pop-up saying "The export was successful" 2 - Importing the certificate signature into the keystore 2.1 -> Find out which keystore is being used by ANT by using the command: ant -diagnostics 2.2 -> Lots of information will be displayed. Find the key "java.home" (Ex. "java.home : C:\j2sdk1.4.2_14\jre") 2.3 -> Thereby the truststore being used by ANT is in: C:\j2sdk1.4.2_14\jre\lib\security\cacerts 2.4 -> Now you have to import the certificate into the keystore: "keytool -import -trustcacerts -keystore "C:\j2sdk1.4.2_14\jre\lib\security\cacerts" -storepass changeit -alias [foo bar] -file [the name you gave in step 1.8].cer" 2.5 -> Verify if the entry was created correctly. "C:\j2sdk1.4.2_14\jre\lib\security>keytool -keystore cacerts -storepass changeit -list -alias [foo bar]" 3 - Run the Ant task https://foo.com/bar?wsdl"/> Best Regards, Ricardo Mark Babcock-3 wrote: > > I am trying to generate stubs with the WSDL2Java tool > > I imported my certificate into my keystore (cacerts) using > > The keytool. > > > > When I run my build file I get the following exception: > > > > [java] javax.net.ssl.SSLHandshakeException: > sun.security.validator.Validato > > rException: PKIX path building failed: > sun.security.provider.certpath.SunCertPat > > hBuilderException: unable to find valid certification path to requested > target > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > fork="true"> > > > > > > > > > > location="commons-logging-1.0.4.jar" /> > > location="commons-discovery-0.2.jar" /> > > > > > > https://URL/"/> > > > > > > > > > > > > > > > > Building xxx WSDL 2 Java\par > > > > > > > > > > > > > -- View this message in context: http://www.nabble.com/WSDL2Java-for-HTTPS-tf3965233.html#a11286558 Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WSDL2Java for HTTPS
Excellent write up. thanks! -- dims On 6/25/07, r1c4r60 <[EMAIL PROTECTED]> wrote: Hi, This is a way to solve the WSDL over HTTPS issue reported by so many resulting in "No Trusted Certificate". 1 - Export Certificate from Internet Explorer 1.1 -> Access the service WSDL location (Ex. https://foo.com/bar?wsdl) 1.2 -> Internet explorer will prompt a security alert 1.3 -> Select the "View Certificate" button 1.4 -> Navigate to the tab "Details" 1.5 -> Select the "Copy to File.." button 1.6 -> Certificate Export Wizard will be displayed. Select "NEXT" button. 1.7 -> The option "DER encoded binary X.509 (.CER) will by default be selected. Select "Next" 1.8 -> Place the file where it suits you better. (Ex. foobar) PS. Don't add an extension. It will be store as: [given name].cer 1.9 -> Select "Next" 1.10 -> The "Completing Certificate Export Wizard" will be displayed. 1.11 -> Select "Finish" 1.12 -> The will be a pop-up saying "The export was successful" 2 - Importing the certificate signature into the keystore 2.1 -> Find out which keystore is being used by ANT by using the command: ant -diagnostics 2.2 -> Lots of information will be displayed. Find the key "java.home" (Ex. "java.home : C:\j2sdk1.4.2_14\jre") 2.3 -> Thereby the truststore being used by ANT is in: C:\j2sdk1.4.2_14\jre\lib\security\cacerts 2.4 -> Now you have to import the certificate into the keystore: "keytool -import -trustcacerts -keystore "C:\j2sdk1.4.2_14\jre\lib\security\cacerts" -storepass changeit -alias [foo bar] -file [the name you gave in step 1.8].cer" 2.5 -> Verify if the entry was created correctly. "C:\j2sdk1.4.2_14\jre\lib\security>keytool -keystore cacerts -storepass changeit -list -alias [foo bar]" 3 - Run the Ant task https://foo.com/bar?wsdl"/> Best Regards, Ricardo Mark Babcock-3 wrote: > > I am trying to generate stubs with the WSDL2Java tool > > I imported my certificate into my keystore (cacerts) using > > The keytool. > > > > When I run my build file I get the following exception: > > > > [java] javax.net.ssl.SSLHandshakeException: > sun.security.validator.Validato > > rException: PKIX path building failed: > sun.security.provider.certpath.SunCertPat > > hBuilderException: unable to find valid certification path to requested > target > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > fork="true"> > > > > > > > > > > location="commons-logging-1.0.4.jar" /> > > location="commons-discovery-0.2.jar" /> > > > > > > https://URL/"/> > > > > > > > > > > > > > > > > Building xxx WSDL 2 Java\par > > > > > > > > > > > > > -- View this message in context: http://www.nabble.com/WSDL2Java-for-HTTPS-tf3965233.html#a11286558 Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WSDL2Java for HTTPS
Hi, This is a way to solve the WSDL over HTTPS issue reported by so many resulting in "No Trusted Certificate". 1 - Export Certificate from Internet Explorer 1.1 -> Access the service WSDL location (Ex. https://foo.com/bar?wsdl) 1.2 -> Internet explorer will prompt a security alert 1.3 -> Select the "View Certificate" button 1.4 -> Navigate to the tab "Details" 1.5 -> Select the "Copy to File.." button 1.6 -> Certificate Export Wizard will be displayed. Select "NEXT" button. 1.7 -> The option "DER encoded binary X.509 (.CER) will by default be selected. Select "Next" 1.8 -> Place the file where it suits you better. (Ex. foobar) PS. Don't add an extension. It will be store as: [given name].cer 1.9 -> Select "Next" 1.10 -> The "Completing Certificate Export Wizard" will be displayed. 1.11 -> Select "Finish" 1.12 -> The will be a pop-up saying "The export was successful" 2 - Importing the certificate signature into the keystore 2.1 -> Find out which keystore is being used by ANT by using the command: ant -diagnostics 2.2 -> Lots of information will be displayed. Find the key "java.home" (Ex. "java.home : C:\j2sdk1.4.2_14\jre") 2.3 -> Thereby the truststore being used by ANT is in: C:\j2sdk1.4.2_14\jre\lib\security\cacerts 2.4 -> Now you have to import the certificate into the keystore: "keytool -import -trustcacerts -keystore "C:\j2sdk1.4.2_14\jre\lib\security\cacerts" -storepass changeit -alias [foo bar] -file [the name you gave in step 1.8].cer" 2.5 -> Verify if the entry was created correctly. "C:\j2sdk1.4.2_14\jre\lib\security>keytool -keystore cacerts -storepass changeit -list -alias [foo bar]" 3 - Run the Ant task https://foo.com/bar?wsdl"/> Best Regards, Ricardo Mark Babcock-3 wrote: > > I am trying to generate stubs with the WSDL2Java tool > > I imported my certificate into my keystore (cacerts) using > > The keytool. > > > > When I run my build file I get the following exception: > > > > [java] javax.net.ssl.SSLHandshakeException: > sun.security.validator.Validato > > rException: PKIX path building failed: > sun.security.provider.certpath.SunCertPat > > hBuilderException: unable to find valid certification path to requested > target > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > fork="true"> > > > > > > > > > > location="commons-logging-1.0.4.jar" /> > > location="commons-discovery-0.2.jar" /> > > > > > > https://URL/"/> > > > > > > > > > > > > > > > > Building xxx WSDL 2 Java\par > > > > > > > > > > > > > -- View this message in context: http://www.nabble.com/WSDL2Java-for-HTTPS-tf3965233.html#a11286558 Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: WSDL2Java for HTTPS
How do I use the JVM arg for javax.net.ssl.trustStore? -Original Message- From: Davanum Srinivas [mailto:[EMAIL PROTECTED] Sent: Friday, June 22, 2007 11:37 AM To: axis-user@ws.apache.org Subject: Re: WSDL2Java for HTTPS try using for the javax.net.ssl.trustStore On 6/22/07, Mark Babcock <[EMAIL PROTECTED]> wrote: > > > > > I am trying to generate stubs with the WSDL2Java tool > > I imported my certificate into my keystore (cacerts) using > > The keytool. > > > > When I run my build file I get the following exception: > > > > [java] javax.net.ssl.SSLHandshakeException: > sun.security.validator.Validato > > rException: PKIX path building failed: > sun.security.provider.certpath.SunCertPat > > hBuilderException: unable to find valid certification path to requested > target > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://URL/"/> > > > >value="-Djavax.net.ssl.trustStore=c:/program > files/javajre1.6.0_01/lib/security/cacerts" /> > > > > > > > >depends="generateWebServiceStubs"> > > > > Building xxx WSDL 2 Java\par > > > > > > > > > > -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WSDL2Java for HTTPS
http://ant.apache.org/manual/CoreTasks/java.html On 6/22/07, Mark Babcock <[EMAIL PROTECTED]> wrote: How do I use the JVM arg for javax.net.ssl.trustStore? -Original Message- From: Davanum Srinivas [mailto:[EMAIL PROTECTED] Sent: Friday, June 22, 2007 11:37 AM To: axis-user@ws.apache.org Subject: Re: WSDL2Java for HTTPS try using for the javax.net.ssl.trustStore On 6/22/07, Mark Babcock <[EMAIL PROTECTED]> wrote: > > > > > I am trying to generate stubs with the WSDL2Java tool > > I imported my certificate into my keystore (cacerts) using > > The keytool. > > > > When I run my build file I get the following exception: > > > > [java] javax.net.ssl.SSLHandshakeException: > sun.security.validator.Validato > > rException: PKIX path building failed: > sun.security.provider.certpath.SunCertPat > > hBuilderException: unable to find valid certification path to requested > target > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://URL/"/> > > > >value="-Djavax.net.ssl.trustStore=c:/program > files/javajre1.6.0_01/lib/security/cacerts" /> > > > > > > > >depends="generateWebServiceStubs"> > > > > Building xxx WSDL 2 Java\par > > > > > > > > > > -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WSDL2Java for HTTPS
try using for the javax.net.ssl.trustStore On 6/22/07, Mark Babcock <[EMAIL PROTECTED]> wrote: I am trying to generate stubs with the WSDL2Java tool I imported my certificate into my keystore (cacerts) using The keytool. When I run my build file I get the following exception: [java] javax.net.ssl.SSLHandshakeException: sun.security.validator.Validato rException: PKIX path building failed: sun.security.provider.certpath.SunCertPat hBuilderException: unable to find valid certification path to requested target https://URL/"/> Building xxx WSDL 2 Java\par -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
