CODEWITHSUNDEEP
web-servicesspringsslclientcertificate
Miroslav
Miroslav

Reputation: 453

Spring-WS client with certificate

I am new to web services and I need to write simple spring-ws client that will comunicate with server over SSL. The situation is:

I thought it'll be easy to find a simple tutorial for such task but I have problem to find something like that. Is it really so unusual or is it problem in me? Do you know some good tutorial/book for create this? It could be some simple quick steps, I really just need to connect to that server and get data from it.

I am using:

EDIT: More details on the topic

I changed the client from tutorial I mentioned to work with my webservice I created on localhost (No SSL). It worked well, Requests and Responses was correct. Then I changed it to work with remote server. I generated new classes and set new address of the server in ApplicationContext. First error was missing commons-logging libraries. I added it. Then new error appeard (short version of that error): 

org.springframework.ws.client.WebServiceIOException: I/O error: java.security.cert.CertificateException: No name matching certificatename found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching certificatename found

I added my certificate to cacerts in my jdk using keytool. It didn't help. I found something about that error and tried to add code from last post in here:

http://www.coderanch.com/t/557677/sockets/java/CertificateException-No-name-matching-hostname

It shouldn't be very secure but I tried it. The new error was:

Exception in thread "main" org.springframework.ws.client.WebServiceTransportException: Internal Server Error [500]
at org.springframework.ws.client.core.WebServiceTemplate.handleError(WebServiceTemplate.java:663)
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:587)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:537)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:384)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:378)
...

Upvotes: 1

Views: 12550

Answers (2)

user3392362
user3392362

Reputation: 386

This problem is related to dns name that you have not included in your certificate to solve this problem try remaking your certificate : 

keytool ... san=ip:10.1.1.1

or simply try adding a static method that will tell java not to verify the domain : 

 static{
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier(){

    public boolean verify(String dns,
            javax.net.ssl.SSLSession sslSession) {
        return true;
    }
});

}

Upvotes: 0

Miroslav
Miroslav

Reputation: 453

I resolved the problem. I finally got access to our WS server so I could check the logs. It showed that the certificate wasn't problem at all. The message arrived to the server correctly. The problem started when the server tried to parse my message, this failed and server then returned error 500 with error in the log:

Unable to create envelope from given source

Me and my colleague discovered that the server is running on Java 6 but our application is on Java 7, we tried to move our application on Java 7 private server and everything worked well. After some search we discovered that probably the parsers xalan.jar and xerces.jar are the problem, updating them could also resolve that. Anyway, using same version of Java should be the solution.

Sadly I cannot go down to Java 6 and server cannot go up to Java 7 (details are not important). So I created completely new client using Axis and to be honest, I am very happy I made this decission. It has worked since start and it's much easier to use. If anyone is interested, here is the tutorial I folowed (there is also of how to use generated code in the end which I needed)

http://px.pats.no/px/Eclipse_tutorial.html

Upvotes: 1

Related Questions