• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

The server sent HTTP status code -1

 
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ranch,

I am creating a client for https third party web service with METRO 2.0,

i converted the certificate .CRT to .JKS which they gave me and used on my code like below



now when i try to run the code it throws me the following error :



I have not seen HTTP error codes with 1 digit , is it sent from the server? what does the error mean actually?

Help me to sort it out.

Thanks in advance
 
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi. Never heard of http status -1. Anyway, if you are able to use Netbeans to develop your web service client, then The secure/SSL part is all configured. I don't think you need to write all this code. The following tutorials may be of help:

a) http://netbeans.org/kb/docs/websvc/wsit.html
b) http://www.roseindia.net/webservices/netbeans/SecurityinWebService.shtml
c) http://dlc.sun.com.edgesuite.net/javaee5/screencasts/metro-nb6/ (screen cast audio + video)

All the best.
 
Ranch Hand
Posts: 959
Eclipse IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


i converted the certificate .CRT to .JKS which they gave me and used on my code like below


How did you convert .CRT to .JKS? Did you mean you imported the cert file into your keystore (JKS)?
 
Imran Akbar
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Srini,

I tried to create a client by giving the URL in netbeans which doesn't worked same happen on SOAP UI also, it worked on browser(after installing a certificate), so i saved the wsdl from browser and generated a client locally with wsdl file.

and the External service Document says it needs "Client Certificate" and "HTTP Basic Authorization" to handle. i believe i'm missing on "HTTP Basic Authorization" part, any idea on this?

i have the credentials, i am not pretty sure how it's going to be passed. and even i can find that on header part of SOAP-UI request.

Could you please let me know how can we handle "HTTP Basic Authorization"?


@Freddy,

i imported .CRT to .JKS using java keytool.
 
R Srini
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Imran, you must have figured it out by now. Anyway, please see here for Basic Authentication. Hope it helps
 
Imran Akbar
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Srini,

Still i was not figured out the Solution ,

I'm using the following code to achieve Basic authentication as my development is not web related,



But still the issue is same, i believe its hitting the webservice server and returning negative result.

any Idea?
 
R Srini
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Imran, There is good information here on setting up SSL with Authentication, and also how to code the client. Please see if it helps.
 
Imran Akbar
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Srini,

I followed as given on link, still the error persist,

tried creating client using different ways, on JAX-RPC it gave like below,



Using SAAJ:



on all the Responses i am getting -1 as the response , as i don't have access to server, i have raised a clarification for the error with external server.
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I suspect the request is never being sent at all and that minus 1 is a default value not being replaced by an actual HTTP response code.

Bill
 
Imran Akbar
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Just like to give a brief on this,

please let me know am i missing something.

  • #1 I have 2 certificates .p12 and .CRT, with the .p12 contains private and public keys, and .CRT contains public key
  • #2 Imported .CRT to key-store and used on my program, i have not used .p12(and i am not sure whether its the certificate i need to use, if yes, how can i convert it to .jks with private key, or can i use .p12 directly on my code), its the first time i'm working with certificates on WS.
  • #3 I was able to see the WSDL on browser after installing those certificates. i saved those wsdl on my local and started creating client.
  • #4 was not able to test on SOAP UI, it throws handshake exception when i try to send a request(i tried giving both certificates on SOAP UI)
  • #5 created client with local wsdl on netbeans and used basic authentication and ininitialized the jks(which has no private key inside) and connecting and it gives the error.


  • --do i need to use the certificate with private key to get connected?
    --if yes, how can i use that certificate on my code or import as .JKS

    Give me a shout. if still any info needed.
     
    R Srini
    Ranch Hand
    Posts: 215
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    If you can see the WSDL from a browser after installing the certificates, then the service side must be fine. In that case, the issue seems to be with the certificates. Per step 1 of the earlier link:

    1. Create a server key and have it trusted by the SOAP client
    -->1.1 Create a server key
    -->1.2 import the server's public key into the web service client's truststore
    ----->1.2.1 Export the certificate from the server keystore into a file
    ----->1.2.2 Then import the certificate into the SOAP client's truststore
    2. Activate the SSL port on the JEE Server
    3. Add users and a new role to the application server
    4. Update the web.xml to require SSL and basic authentication
    5. Update the soap:address in the WSDL's service section to use the https protocol and port
    6. Redeploy the web service
    7. Update the SOAP client to provide the basic auth username and password

    Assuming that step 1.1, 2, 4, 5, and 6 are setup correctly on the server, and step 7 is the client which should be fine I think because its simple enough. Some questions:
    a) What method are you using to verify that step 1.2.1 and 1.2.2 are done correctly as required? You could try using something like this: keytool -list -keystore client.jks -storepass ClientJKS (client.jks is the file from step 1.2.2)
    b) Can you confirm that on the server side, the userid/password are setup as required, e.g. the tomcat example in the link where an entry is added in server.xml?
    c) In the link, the updated client code has this line "System.out.println("Using URL: " + urlUsed);". Please post the URL used, including the secure port#. Does this match the WSDL URL you enter in the browser?
    d) What technologies are used on the server? I mean like Metro/Glassfish/Axis, etc.
    e) Regarding

    #5 created client with local wsdl on netbeans


    the local WSDL does have the complete remote WSDL URL, right? Just want to confirm.
    f) are you generating this client in Netbeans based on the wsdl? if yes, then how are you specifying the truststore? And how are you executing it? Take a look at this Secure Calculator tutorial in Netbeans. See if you develop your client in the same way?
    g) Regarding

    System.setProperty("javax.net.ssl.trustStore", "...\key.jks");

    maybe you can turn on logging and see if it is actually finding your truststore. Try running your client program using -Djavax.net.debug=all. See here for what I mean. This might provide you clues as to the problem.
    How are you importing your .crt to .jks? Please see Import a root or intermediate CA certificate to an existing Java keystore for an example. As William Brogden mentioned earlier, maybe the request is not even sent? Or maybe it can't find the keystore?

    If you still have problems after looking into and trying all of the above then please post more details about your server and client environments, your client code (the minimum necessary), etc. and I can try to duplicate it.
    Whatever it is, kindly post your solution here once you have it - I am sure it will be soon.
    Best of luck!
     
    Imran Akbar
    Ranch Hand
    Posts: 63
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    please find my answers

    a) What method are you using to verify that step 1.2.1 and 1.2.2 are done correctly as required? You could try using something like this: keytool -list -keystore client.jks -storepass ClientJKS (client.jks is the file from step 1.2.2)

    ---- i have created using keytool with import to a jks, when i listed it using keytool list command it listed the certificate details from keystore, so i hope the certificate is properly imported on keystore.

    b) Can you confirm that on the server side, the userid/password are setup as required, e.g. the tomcat example in the link where an entry is added in server.xml?

    ---- with the documentation i have received from the server end, they have provided me the username and password(on my development it will be a standalone jar, which will be invoked from a legacy system written on C, so there will be no web.xml or web related on client side)

    c) In the link, the updated client code has this line "System.out.println("Using URL: " + urlUsed);". Please post the URL used, including the secure port#. Does this match the WSDL URL you enter in the browser?

    --- from program : Using URL: https://webservices-ext.orange.com.do/ebanking-test/
    from Browser : https://webservices-ext.orange.com.do/ebanking-test?wsdl

    d) What technologies are used on the server? I mean like Metro/Glassfish/Axis, etc.

    --- i don't have access on server side, so i'm not pretty sure on which stack its running.
    e) Regarding the local WSDL does have the complete remote WSDL URL, right? Just want to confirm.

    --- yes, its a copy of the remote wsdl.

    f) are you generating this client in Netbeans based on the wsdl? if yes, then how are you specifying the truststore?

    --- i'm specifying the local wsdl, and i specify the truststore using the below code.



    when i remove the above code it shoots : HTTP transport error: javax.net.ssl.SSLHandshakeException

    g) Regarding maybe you can turn on logging and see if it is actually finding your truststore. Try running your client program using -Djavax.net.debug=all. See here for what I mean. This might provide you clues as to the problem.

    --- i turned on the log

    find the output log, i believe its picking up the key store and negotiating with server. hope the log will give some idea to dig.









    Here is the Response sent by server:



    and ends with this error:




    Thanks in advance!!!
     
    Imran Akbar
    Ranch Hand
    Posts: 63
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    i have some more info,

    The server guys gave me a code on how the connection could be made, but its on .NET

    My apologies for posting .net code on java forum, but to get a solution i need to be.


    from the above code i can see they are using .p12 certificate for connection the web service, here on my java side i'm using only the keystore with public key to connect will this be a issue

    My Java Code:





     
    R Srini
    Ranch Hand
    Posts: 215
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hi. So from the debug logs, we can see that it is an SSLHandshakeException and incorrect setup of certificates can be a cause of this.

    Question: Have you had a chance to work through the SecureCalculator example using Netbeans? This part is important, if you ask me. If you can do that, then you will understand how to code the client.

    You can find an example of reading a p12 certificate here - search for "extract the public key". And here in Section 6.2 is an example of how to use the X509Certificate if this is how you want to do it.

    If you still have trouble, I can try this out over the weekend. Let us know how it goes. All the best!
     
    R Srini
    Ranch Hand
    Posts: 215
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    And here is a post in stackoverflow with pointers to real code.

    But I think that if you can get the Netbeans SecureCalculator tutorial working, then use that client as the basis for your development, it will get done quicker that way.
     
    Imran Akbar
    Ranch Hand
    Posts: 63
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hi Srini,

    Atlast it worked

    I just updated the Code like below....

    I created two keys, a key with Public key and another one contains public+private.






    but really i'm unsure how it worked, let me look on it.

    Thank you so much for your prompt responses, it really helped me out to get the solution

    Thanks a lot.
     
    R Srini
    Ranch Hand
    Posts: 215
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Wow! Very nice Thanks for sharing the solution, Imran!
     
    I promise I will be the best, most loyal friend ever! All for this tiny ad:
    a bit of art, as a gift, that will fit in a stocking
    https://gardener-gift.com
    reply
      Bookmark Topic Watch Topic
    • New Topic