Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I use self signed certificate in Axis2 Java client?

Tags:

certificate

https

client

apache-axis

I have generated code using org.codehaus.mojo axistools-maven-plugin plugin version 1.4. I am trying to connect to web service over https. I have installed server certificate into jssecacerts and copied this key store into /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/ folder. So this means I have server certificate in the client keystore. I have also imported server private key and certificate into kestore.ImportKey key store. I guess I will have to use this as trust store. Now, how to I connect all these together in java client? I am using auto generated stub at client side. I tried using following but does not work.

System.setProperty("javax.net.ssl.trustStore","certs/keystore.ImportKey");
System.setProperty("javax.net.ssl.trustStorePassword", "importkey");

I am getting following exception. 

faultString: javax.net.ssl.SSLHandshakeException: 
    sun.security.validator.ValidatorException: 
PKIX path building failed: 
    sun.security.provider.certpath.SunCertPathBuilderException:
     unable to find valid certification path to requested target

The certificates are valid as I am using same certs over HTTPS client for the same host. Also, I was able to see successful curl request to using the same certs. Actually, I am not sure how to write Axis2 soap Java client over https using self signed server certificate. Can anyone point me to step by step example.

like image 703
pracky Avatar asked Jan 18 '26 01:01

pracky

1 Answers

On the client side, you do not need the certificate private key to trust the server. Since you wrote in your question that you imported the certificate and key in keystore.ImportKey I think that they have been imported as a PrivateKeyEntry (you can verify with keytool the type of entries in the keystore).

However if you want to use the certificate as a trust anchor you should import the certificate as a TrustedCertificateEntry. It can be achieved with keytool:

keytool -importcert -trustcacerts -alias myTrustAnchor -file /path/to/cert.crt -keystore /path/to/keystore

Then you can configure the truststore in your application:

System.setProperty("javax.net.ssl.trustStore","/path/to/keystore");
like image 84
Jcs Avatar answered Jan 19 '26 19:01

Jcs
Sign in to Comment

Related questions

How do I force HTTPS on a single file? (PHP)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!