Todd Randa wrote:I've been calling a fairly straight forward web service for sometime with success. Recently the owner of the web service made a change and started requiring the client to call the service using an HTTPS protocol and now I cannot get it working.
On my side I'm using:
Tomcat 5
Axis 1.4
Jdk 1.6
Eclipse 3.4 (Generate stubs and supporting classes)
Steps taken to convert from http to https protocol.
1. Turned on SSL in tomcat. Server.xml:
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
keystoreFile="/Library/Tomcat/apache-tomcat-5.5.27/webapps/kubera/.keystore"
keystorePass="changeit"
truststoreFile="/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts"
truststorePass="changeit"
truststoreType="jks"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSLv3" />
2. Created a .keyStore which I didn't think I needed since I'm the client but without it tomcat wouldn't restart properly after turning on SSL.
3. imported the web service certificate into the cacerts truststore and pointed to it in the server.xml/SSL section listed above. I retrieved the sert by going into firefox, clicking on the lock and exporting the file. I read where I may need to import an intermediate cert from godaddy, but was not successful when trying to import the file (gd_intermediate.crt).
4. Used eclipse to generate a new set of stubs and classes using the latest WSDL file with HTTPS protocols to access the endpoints.
5. Restarting tomcat produced no errors.
My code does a two things. During login it does the following to make sure the service is accessible. If not the application let's the user know that the service is down. Perhaps there are better ways of doing this but this is what I have done and it used to work using the http protocol. Note: I have to hide the identity of the service owner so I put question marks in place of letters where needed:
String wsdlURL = "https://???.asmx?WSDL";
String namespace = "http://???.com/RLIS/";
String serviceName = "???";
try {
QName serviceQN = new QName(namespace, serviceName);
WsReceiptsLocator rl = new WsReceiptsLocator(wsdlURL, serviceQN);
if (rl == null)
return false;
else
return true;
} catch (ServiceException e) {
System.out.println("####################### ??? SERVICE UNAVAILABLE ################################");
e.printStackTrace();
System.out.println("##################################################################################");
return false;
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
return false;
}
During the instantiation of the WsReceiptsLocator object I get the following error. This is not the full logging. I'm thinking it should be enough to determine what might be happening. If not, I can provide the full logging:
.
..
...
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, SSLv3
Thread-69, WRITE: SSLv3 Handshake, length = 260
SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 AE 3B 2E 48 38 43 F3 D4 F8 C0 02 8F D3 D7 ...;.H8C........
0010: C3 43 10 DC B2 24 BD 5B CA 64 7B 20 88 B3 3A 32 .C...$.[.d. ..:2
0020: 07 9D BF 6E 08 7B 1F 15 14 AC 2A 17 98 AF 7D 57 ...n......*....W
CONNECTION KEYGEN:
Client Nonce:
0000: 51 D2 74 6C DC E2 30 4C 3B ED 52 96 00 EC 1C 06 Q.tl..0L;.R.....
0010: A9 B3 A7 C4 C1 92 18 1A 5C D3 25 09 C9 9B 35 5D ........\.%...5]
Server Nonce:
0000: 51 D2 74 6C 6F A7 F2 97 DA CE 8C 5B CA 56 07 BC Q.tlo......[.V..
0010: DF 6B D4 37 1E AE 0E 94 11 4A FB AF 0A 95 27 2C .k.7.....J....',
Master Secret:
0000: E5 4A 23 D0 E9 92 39 AF 9B 5A 5F 03 29 01 1D 72 .J#...9..Z_.)..r
0010: 91 11 60 7E 11 D3 DD D3 31 E5 C5 1D 2D BE C8 E9 ..`.....1...-...
0020: 83 5C B7 57 DC 08 D6 32 60 09 57 FA 5B 3F 88 C1 .\.W...2`.W.[?..
Client MAC write Secret:
0000: 00 B7 7E 87 60 B3 6E EC 87 A9 6D 5C E5 D6 19 0C ....`.n...m\....
Server MAC write Secret:
0000: BC 35 D4 7E 1B 73 9C 1C 56 4E 23 3C B7 E0 81 97 .5...s..VN#<....
Client write key:
0000: 63 B8 F2 7D 64 52 76 2D B8 26 17 DA 48 49 81 AC c...dRv-.&..HI..
Server write key:
0000: 0A AF 40 00 02 26 5F E7 48 03 90 45 2F 9F 8C 06 ..@..&_.H..E/...
... no IV used for this cipher
Thread-69, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data: { 233, 180, 47, 64, 146, 39, 133, 253, 221, 228, 103, 129, 101, 55, 223, 107, 42, 157, 88, 33, 12, 163, 248, 106, 220, 35, 118, 218, 59, 25, 27, 1, 101, 43, 197, 217 }
***
Thread-69, WRITE: SSLv3 Handshake, length = 56
Thread-69, handling exception: java.net.SocketException: Connection reset
Thread-69, SEND SSLv3 ALERT: fatal, description = unexpected_message
Thread-69, WRITE: SSLv3 Alert, length = 18
Thread-69, Exception sending alert: java.net.SocketException: Broken pipe
Thread-69, called closeSocket()
####################### ??? SERVICE UNAVAILABLE ################################
javax.xml.rpc.ServiceException: Error processing WSDL document:
java.net.SocketException: Connection reset
at org.apache.axis.client.Service.initService(Service.java:250)
at org.apache.axis.client.Service.<init>(Service.java:204)
I have to tell you I've been trying to resolve this for a week now and Im pretty frustrated. If anyone can help me I would be willing to pay. I own my own business and this it's critical that I get this resolved.
Thanks in advanced.
Create symphonies in seed and soil. For this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
|