PKIX path building failed” and “unable to find valid certification path to requested target

Hi,

My application is written in java (apache axis-1.4) and the service provider application is written in .Net webservices which is exposed through https endpoint URL.

By using below mentioned stand alone program I am able to connect with third party .Net web services and getting response. But when I implemented the same code in application and deploy on glassfish 2.1.1 server i am getting an exception as "PKIX path building failed” and “unable to find valid certification path to requested target".

please let us know how to make it work when deployed on glassfish server. do i need any additional configuration changes need to be done on Glassfish to consume the .Net webservices.

Stand alone Program:
===============

String endpoint = "https://thirdparty:8443/Orderservice.svc";

System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.keyStore","security_com.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "sec2014!!");
System.setProperty("javax.net.debug", "ssl");


/*System.setProperty("javax.net.ssl.trustStore","sec.keystore");
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStorePassword", "importkey");*/

try {
Service service = new Service();
Call call = (Call) service.createCall();
call.setTargetEndpointAddress(new java.net.URL(endpoint));
QName qname = new QName(endpoint + "/", "OrderAction");
call.setOperationName(qname);
call.addParameter("Order", org.apache.axis.Constants.XSD_STRING,
javax.xml.rpc.ParameterMode.IN);
call.setReturnType(org.apache.axis.Constants.XSD_INT);
call.setSOAPActionURI("urn:BMWLabelOrderIntf-IBMWLabelOrder#OrderAction");
Object[] arg1 = new Object[] { "abc" };
Object result1 = call.invoke(arg1);
System.out.println("result1 --> " + result1);
} catch (MalformedURLException urlException) {
urlException.printStackTrace();
} catch (ServiceException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (AxisFault e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RemoteException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

Welcome to the Ranch. See the last entry in the https://coderanch.com/how-to/java/SecurityFaq.

As an aside, you should upgrade to a current version of Axis - 1.4 is from 2006!

Thanks for the reply. Due to some reasons on PROD environment i can't add keystore / trust store to $JAVA_HOME/jre/lib/security directory. Generating those to some other directory and using the same path in the code. Still running in to same issue. Please assist me to resolve the same.

The server may be able to use another keystore (e.g., for Tomcat you would configure this in server.xml). Consult the GlassFish documentation whether that's possible. It's probably easier to use the standard way, though - talk to the sys admin about that.