Custom SOAP request, SSLHandshake exception (PKIX path building failed)
0
Hi, I'm trying to sent a custom SOAP message to a specific webservice using HTTPComponents. We use a certificate for communication and the webservice endpoint is "https://preprod-dgp.procesinfrastructuur.nl/wus/2.0/aanleverservice/1.2". The endpoint itself uses a certificate for the https encryption. Via a custom Java action I'm trying to sent the SOAP message but at the point where I execute the httppost an error is thrown: Executing request POST https://preprod-dgp.procesinfrastructuur.nl/wus/2.0/aanleverservice/1.2 HTTP/1.1 Exception While Connecting sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) I did some research on this issue and apparently Java needs the certificate which is used for the webservice URL in its cacerts. Using a Java tool called InstallCert I tried to add the certificate(s) to cacerts, but I still get this error. Is it correct that I need to add the endpoint certificate to the cacerts file? Any ideas on how to fix this issue / how to succesfully add the certificate to trusted certificates? PS: I also tried adding the certificate to cacerts using keytool, but no luck either. Thanks! EDIT, here's the java code I use to setup the connection and sent soapmessage: // Trust own CA and all self-signed certs SSLContext sslcontext = SSLContexts.custom() .loadTrustMaterial(new File("C:/ourcert.p12"), "MyPass".toCharArray(), new TrustSelfSignedStrategy()) .build(); // Allow TLSv1 protocol only SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( sslcontext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier()); CloseableHttpClient httpclient = HttpClients.custom() .setSSLSocketFactory(sslsf) .build(); Byte[] result = null; HttpParams httpParameters = new BasicHttpParams(); // Set the timeout in milliseconds until a connection is established. int timeoutConnection = 15000; HttpConnectionParams.setConnectionTimeout(httpParameters, timeoutConnection); // Set the default socket timeout (SO_TIMEOUT) // in milliseconds which is the timeout for waiting for data. int timeoutSocket = 35000; HttpConnectionParams.setSoTimeout(httpParameters, timeoutSocket); byte[] result1 = null; HttpPost httppost = new HttpPost(webserviceUrl); httppost.setHeader("soapaction", "aanleveren"); httppost.setHeader("Content-Type", "text/xml; charset=utf-8"); System.out.println("Executing request " + httppost.getRequestLine()); try { HttpEntity entity = new StringEntity(soapBericht,HTTP.UTF_8); httppost.setEntity(entity); HttpResponse response = httpclient.execute(httppost);// calling server HttpEntity r_entity = response.getEntity(); //get response if (r_entity != null) { result1 = new byte[(int) r_entity.getContentLength()]; if (r_entity.isStreaming()) { DataInputStream is = new DataInputStream( r_entity.getContent()); is.readFully(result1); } } EntityUtils.consume(entity); } catch (Exception E) { Core.getLogger("SBR").log(LogLevel.WARNING,"ERROR " + E.getMessage() + E.getStackTrace()); System.out.println("Exception While Connecting " +E.getMessage()); E.printStackTrace(); } httpclient.close(); //shut down the connection
asked
Marcel Vuijk
5 answers
2
Try do download the certificate from your browser and add this certificate in your Mendix modeler.
I had the same problem with a https webservice from SAP.