I am getting the below error talking to a https webservice.
org.springframework.ws.client.WebServiceIOException: I/O error:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid
certification path to requested target; nested exception is
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX
path
building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
I am using spring's WebServiceTemplate and below's my xml configuration for it
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sws="http://www.springframework.org/schema/web-services"
xmlns:oxm="http://www.springframework.org/schema/oxm"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/web-services
http://www.springframework.org/schema/web-services/web-services-2.0.xsd
http://www.springframework.org/schema/oxm
http://www.springframework.org/schema/oxm/spring-oxm-1.5.xsd">
<bean id="webServiceTemplate"
class="org.springframework.ws.client.core.WebServiceTemplate"
p:marshaller-ref="jaxbMarshaller"
p:unmarshaller-ref="jaxbMarshaller"
p:defaultUri="https://XXXXXXXXXXXXXXXX"
p:messageSender-ref="messageSender">
<constructor-arg ref="messageFactory" />
</bean>
<bean id="messageSender"
class="org.springframework.ws.transport.http.CommonsHttpMessageSender" />
<!-- <bean id="messageSender"
class="org.springframework.ws.transport.http.HttpsUrlConnectionMessageSender" /> -->
<bean id="messageFactory"
class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory" />
<bean id="jaxbMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller"
p:contextPath="com.test.schemas" />
</beans>
I am able to hit the service from soapui but not from the sample java code I wrote. Could some one please point me to why this is happening and how I can resolve this? Should we have received some security certificates from the 3'rd party wsdl folks?
According to documentation CommonsHttpMessageSender is Deprecated in favor of HttpComponentsMessageSender.
Please configure httpClient property of HttpComponentsMessageSender:
http://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/transport/http/HttpComponentsMessageSender.html#setHttpClient%28org.apache.http.client.HttpClient%29
See my other post on how to configure httpClient bean to work around self-signed certificate issues. sending https post request with post data using spring web
No need to import keys into keystore.
Check if this works:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sws="http://www.springframework.org/schema/web-services"
xmlns:oxm="http://www.springframework.org/schema/oxm"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/web-services
http://www.springframework.org/schema/web-services/web-services-2.0.xsd
http://www.springframework.org/schema/oxm
http://www.springframework.org/schema/oxm/spring-oxm-1.5.xsd">
<!-- HTTPS connection to trust self signed certificates -->
<bean id="sslSocketFactory" class="org.apache.http.conn.ssl.SSLSocketFactory">
<constructor-arg name="trustStrategy">
<bean class="org.apache.http.conn.ssl.TrustSelfSignedStrategy" />
</constructor-arg>
<constructor-arg name="hostnameVerifier">
<bean class="org.apache.http.conn.ssl.AllowAllHostnameVerifier" />
</constructor-arg>
</bean>
<bean id="httpsSchemaRegistry" class="org.apache.http.conn.scheme.SchemeRegistry">
<property name="items">
<map>
<entry key="https">
<bean class="org.apache.http.conn.scheme.Scheme">
<constructor-arg value="https" />
<constructor-arg value="443" />
<constructor-arg ref="sslSocketFactory" />
</bean>
</entry>
</map>
</property>
</bean>
<bean id="httpClient" class="org.apache.http.impl.client.DefaultHttpClient">
<constructor-arg>
<bean class="org.apache.http.impl.conn.PoolingClientConnectionManager">
<constructor-arg ref="httpsSchemaRegistry" />
</bean>
</constructor-arg>
</bean>
<!-- <bean id="apacheHttpsRequestFactory"
class="org.springframework.http.client.HttpComponentsClientHttpRequestFactory">
<constructor-arg ref="httpClient" />
-->
<bean id="webServiceTemplate"
class="org.springframework.ws.client.core.WebServiceTemplate"
p:marshaller-ref="jaxbMarshaller"
p:unmarshaller-ref="jaxbMarshaller"
p:defaultUri="https://XXXXXXXXXXXXXXXX"
p:messageSender-ref="messageSender">
<constructor-arg ref="messageFactory" />
</bean>
<bean id="messageSender"
class="org.springframework.ws.transport.http.HttpComponentsMessageSender"
p:httpClient="httpClient" />
<bean id="messageFactory"
class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory" />
<bean id="jaxbMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller"
p:contextPath="com.test.schemas" />
</beans>