Charan
Reputation: 199
Invoking Rest Client to call WSO2 ESB Service :unable to find valid certification path to requested target
i am trying to invoke an ESB service in wso2 from a rest client while invoking i am facing this exception. ESB Service: default Echo Service Rest Clent :
public static void main(String a[]){
String url = "https://localhost:9443/services/echo";
String name = "admin";
String password = "admin";
String authString = name + ":" + password;
String authStringEnc = new BASE64Encoder().encode(authString.getBytes());
System.out.println("Base64 encoded auth string: " + authStringEnc);
ClientConfig config = new DefaultClientConfig();
Client client = Client.create(config);
WebResource webResource = client.resource(UriBuilder.fromUri(url).build());
MultivaluedMap<String, String> formData = new MultivaluedMapImpl();
formData.add("in", "786");
ClientResponse response = webResource.accept("application/xml").post(ClientResponse.class, formData);
System.out.println("Response " + response.getEntity(String.class));
if(response.getStatus() != 200){
System.err.println("Unable to connect to the server");
}
String output = response.getEntity(String.class);
System.out.println("response: "+output);
}
This prints out:
Base64 encoded auth string: YWRtaW46YWRtaW4=
And then throws:
Exception in thread "main" com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:151)
at com.sun.jersey.api.client.Client.handle(Client.java:648)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:680)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:568)
at HelloServiceRestClient.main(HelloServiceRestClient.java:76)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler$1$1.getOutputStream(URLConnectionClientHandler.java:234)
at com.sun.jersey.api.client.CommittingOutputStream.commitWrite(CommittingOutputStream.java:117)
at com.sun.jersey.api.client.CommittingOutputStream.write(CommittingOutputStream.java:89)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at com.sun.jersey.core.util.ReaderWriter.writeToAsString(ReaderWriter.java:191)
at com.sun.jersey.core.provider.AbstractMessageReaderWriterProvider.writeToAsString(AbstractMessageReaderWriterProvider.java:128)
at com.sun.jersey.core.impl.provider.entity.BaseFormProvider.writeTo(BaseFormProvider.java:109)
at com.sun.jersey.core.impl.provider.entity.FormMultivaluedMapProvider.writeTo(FormMultivaluedMapProvider.java:99)
at com.sun.jersey.core.impl.provider.entity.FormMultivaluedMapProvider.writeTo(FormMultivaluedMapProvider.java:59)
at com.sun.jersey.api.client.RequestWriter.writeRequestEntity(RequestWriter.java:300)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:213)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149)
... 5 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 34 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 40 more
Can anyone help me out?
Upvotes: 0
Views: 499
Answers (2)
Charan
Reputation: 199
My Problem was solved after adding below piece of code and changed the url. Thanks Rajeev for nice suggestion.
String url = "https://localhost:9443/services/echo/echoString";
System.setProperty("javax.net.ssl.trustStore", "D:/WSo2/WsO2/ESB/wso2esb-4.8.1/repository/resources/security/client-truststore.jks"); System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
Upvotes: 1
Rajeev Sampath
Reputation: 2747
This happens since there are no public certificates installed in your client to establish a secure connection (https) with ESB.
You can point to the carbon truststore/keystore which contain the certificates.
The code will look like:
System.setProperty("javax.net.ssl.trustStore", your_truststore_path_here);
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
In ESB, the keystore is located at repository/resources/security (both the keystore and trust-store are there)
Upvotes: 0
Related Questions
- Invoking HTTPS end point from wso2 esb
- Calling a HTTPS secure REST service using a REST Endpoint in BPM
- certificate https endpoint in wso2 esb
- Invoke RESTFul API using WSO2 ESB error
- WSO2 ESB SSL handshake failure
- wso2esb "Unable to validate SSL Certificate"
- WSO2 ESB adding a secure endpoint with custom certificate
- Invoke Secured web service in wso2esb
- WSO2 ESB to invoke secured web service deployed on weblogic
- Invoking secured web services using wso2 esb