Passing on error log from Provet IT

Submitted by Ben_Charlton on Wed, 30/04/2014 - 09:51

General developer's discussion

Provet are attempting to update the ESCI server interface they created for openvpms

Looking at the error log it seems that its failing to load the certificate for the https service.

based on discussion at

http://stackoverflow.com/questions/4062307/pkix-path-building-failed-una...

Error Log:

C:\Users\VethubTest\Desktop\OpenVPMS\bin>inbox.bat -r https://vethub.provet.com.

au/openvpms/RegistryService.svc?wsdl -u **** -p ******** -l


Exception in thread "main" javax.xml.ws.WebServiceException: Failed to access th

e WSDL at: https://vethub.provet.com.au/openvpms/RegistryService.svc?wsdl. It fa

iled with:

        sun.security.validator.ValidatorException: PKIX path building failed: su

n.security.provider.certpath.SunCertPathBuilderException: unable to find valid c

ertification path to requested target.

        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLPa

rser.java:162)

        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.

java:144)

        at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.j

ava:265)

        at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java

:228)

        at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java

:176)

        at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.ja

va:104)

        at javax.xml.ws.Service.<init>(Unknown Source)

        at javax.xml.ws.Service.create(Unknown Source)

        at org.springframework.remoting.jaxws.LocalJaxWsServiceFactory.createJax

WsService(LocalJaxWsServiceFactory.java:125)

        at org.openvpms.esci.service.client.DefaultServiceLocator.createJaxWsSer

vice(DefaultServiceLocator.java:186)

        at org.springframework.remoting.jaxws.JaxWsPortClientInterceptor.prepare

(JaxWsPortClientInterceptor.java:334)

        at org.springframework.remoting.jaxws.JaxWsPortClientInterceptor.afterPr

opertiesSet(JaxWsPortClientInterceptor.java:316)

        at org.springframework.remoting.jaxws.JaxWsPortProxyFactoryBean.afterPro

pertiesSet(JaxWsPortProxyFactoryBean.java:42)

        at org.openvpms.esci.service.client.DefaultServiceLocator.getService(Def

aultServiceLocator.java:119)

        at org.openvpms.esci.example.client.InboxServiceClient.<init>(InboxServi

ceClient.java:88)

        at org.openvpms.esci.example.client.InboxServiceClient.main(InboxService

Client.java:166)

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.Validator

Exception: PKIX path building failed: sun.security.provider.certpath.SunCertPath

BuilderException: unable to find valid certification path to requested target

        at sun.security.ssl.Alerts.getSSLException(Unknown Source)

        at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

        at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

        at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

        at sun.security.ssl.Handshaker.processLoop(Unknown Source)

        at sun.security.ssl.Handshaker.process_record(Unknown Source)

        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source

)

        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect

(Unknown Source)

        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown So

urce)

        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unkn

own Source)

        at java.net.URL.openStream(Unknown Source)

        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDL

Parser.java:804)

        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLP

arser.java:262)

        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.

java:129)

        ... 14 more

Caused by: sun.security.validator.ValidatorException: PKIX path building failed:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali

d certification path to requested target

        at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

        at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

        at sun.security.validator.Validator.validate(Unknown Source)

        at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)

        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Sour

ce)

        ... 30 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to

find valid certification path to requested target

        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown

Source)

        at java.security.cert.CertPathBuilder.build(Unknown Source)

        ... 36 more

Re: Passing on error log from Provet IT

Submitted by tanderson on Wed, 30/04/2014 - 10:29.

The inbox.bat script is configured to use a self signed certificate for testing purposes, as per section 2.2 of the ESCI documentation.This is done within the setenv.bat script.

I suspect you can just comment out the following line:

set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStore=../conf/tomcat.jks -Djavax.net.ssl.keyStore=../conf/tomcat.jks -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStorePassword=changeit

OpenVPMS

Passing on error log from Provet IT

Comment viewing options

Re: Passing on error log from Provet IT