stackoom
  简体   繁体   中英

web service on PAT port over secure connection

 原文  2019-07-01 17:04:41       web-services/ iis/ soap/ wsdl/ soa

Question

I have an issue at production when connecting to web service.

Below is the error message

Error: Unable to invoke endpoint URI " https://example.com/WebserviceLibrary/test.asmx " successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This is failing with SOA tool when submitting jobs. Web server is hosted on IIS under secure port

Information on SOA:

SOA create WSDL client at runtime and use binding port endpoint URL of the service from the WSDL retrieved at run time.

SOA uses the concept of discovering the service from registry then reading the WSDL retrieved and call the service at mentioned endpoint in WSDL retrieved.

I see WSDL client created at runtime by SOA has location URI " https://example.com/WebserviceLibrary/test.asmx "

They have an external PAT port involved. Server has a PAT port say 11560. The URL with IP and PAT Port 11560 is working fine and able to connect the URL. They can test it through curl command or any non SOA java codes.

They could connect to this URI " https://example.com:11560/WebserviceLibrary/test.asmx "

This issue is not occurring when tested internally on our environments as external PAT port is not involved.

I suspect PAT port could be the reason for this issue but not sure how that can happen.

Though error message says as some sort of cert issue but they could connect and test with IP and port on https.

I think one way to resolve this issue is hosting web server on IIS under PAT port. Do you guys have any alternate solution for this?

Thanks in advance!

1 answers

solution1
 0  2019-07-10 08:26:59

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

As far as I know, when trying to open an SSL connection to a host using JSSE. What this usually means is that the server is using a test certificate (possibly generated using keytool) rather than a certificate which is inside the system certificate store.So You could try to edit JAVA_HOME/jre/lib/security/cacerts file or run you application with -Djavax.net.ssl.trustStore parameter to add the certficate.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Login to Django web service using a secure connection How to secure a web service call over HTTP Where to check for secure connection with Web Service on any type of call to the Service Consuming a web service over a HTTPS connection Best way to secure a PHP web service / relevant connection data? Windows Phone 8 secure connection through Azure, to an on-premise web service .NET web service secure Secure web service requests Secure web service methods how to secure web service?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM