Hi,
Your cxf bc provider didn't pick up the bus which have the
http:conduit configuration.
You need take a look at CxfBcProviderHttpsTest[1], especially the
configuration for this test[2]
[1]https://svn.apache.org/repos/asf/servicemix/components/trunk/bindings/servicemix-cxf-bc/src/test/java/org/apache/servicemix/cxfbc/ws/security/CxfBcProviderHttpsTest.java
[2]https://svn.apache.org/repos/asf/servicemix/components/trunk/bindings/servicemix-cxf-bc/src/test/resources/org/apache/servicemix/cxfbc/ws/security/provider.xml
Freeman
On 2012-4-3, at 下午3:15, Radomir Kadlec wrote:
Hello,
I have to call webservice throught SSL (HTTPS).
For the first test I deployed testservice on Servicemix and exposed
through
https.
I can call this service from SoapUI test client.
But whenn I try to call this service from cxfbc:provider deployed on
the
same Servicemix, I become this *fault message*:
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>Fault occured</faultstring>
<detail>
<detail>sun.security.validator.ValidatorException: PKIX
path
building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target</detail>
</detail>
</soap:Fault>
I use self signed certificates generated as described in the
amq_security.pdf guide.
Have You any idea or tips, what can be wrong?
It seems, the certificates on the client (cxfbc:provider) are not
found.
Thank You
Radomir Kadlec
The configuration:
<cxfbc:provider
service="isl-a:IslAWebService"
endpoint="IslAWebServiceSoapProvider"
wsdl="classpath:wsdl/isl_a.wsdl"
locationURI="https://localhost:8195/islAFile";
</cxfbc:provider>
<cxfbc:consumer
service="isl-a:IslAWebServiceFile"
endpoint="IslAWebServiceSoapFile"
locationURI="https://localhost:8195/islAFile";
wsdl="classpath:wsdl/isl_a.wsdl"
targetService="isl:fakturaFile"
targetEndpoint="xquery"
schemaValidationEnabled="true"
delegateToJaas="true"
properties="#properties"
</cxfbc:consumer>
<httpt:conduit
name="{http://www.aura.cz/xrg/isl/a/
v_1.0.0.0}IslAWebServiceSoapProvider.http-conduit">
<httpt:tlsClientParameters>
<sec:trustManagers>
<sec:keyStore
type="JKS"
password="jks123"
file="/opt/smx/truststore.ts" />
</sec:trustManagers>
<sec:keyManagers keyPassword="jks123">
<sec:keyStore
type="JKS"
password="jks123"
file="${keyStore.file}" />
</sec:keyManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</httpt:tlsClientParameters>
<httpt:authorization >
<sec:UserName>ws_sluzba</sec:UserName>
<sec:Password>h</sec:Password>
</httpt:authorization>
</httpt:conduit>
--
View this message in context:
http://servicemix.396122.n5.nabble.com/cxfbc-provider-with-SSL-tp5614411p5614411.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:[email protected]
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: http://weibo.com/u/1473905042
