Hi Experts,
I am trying to consume a WSDL but getting below error.As i know little bit,it’s certificate issue
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I am bit confused whether our certificates should there in the provider sytem or we should have their certificates in trust store
Thanks
Sai
Hi Sai,
Please read webservice developers guide. It has complete detail about implementing security in web services.
I have di it very quickly and one more issue is forgot password of keystore…not sure how to proceed further
Thanks
Sai
You’ll have to recreate the keystore.
Can you try recreate it?
Thanks for the reply,
I recreated keystore and placed the certificate in Keystore & TrustStore(Just to make sure) ,created alias & Cleared Cache
Still get same error
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Did you check or make sure the path is valid as it is complaining about?
Please check this Empower KB #: 1735714 and here is the resolution info on the same error:
Resolution:
Import the CA certificate into the trusted CA store of the JVM
Following are the steps to do that:
Type the following command from command prompt:
keytool -import -trustcacerts -file c:\temp\sagca.crt -alias “softwareag demo” -keystore Software AG_directory\jvm\jvm160_32\jre\lib\security\cacerts
Note: If you are running on a 64-bit operating system, change jvm160_32 to jvm160_64.
To read more about this, refer to the MWS admin guide page 34 from topic “Using My webMethods Server as an HTTPS Client”.
HTH,
RMG
Hi RMG,
I tried to run those commands but any of them didn’t worked for me.
for immediate resolution,we have downloaded all the XSD & WSDL from browser.Placed them in root drive of IS
Edited the WSDL in such way that can load schema’s from local box.Created web service descriptor(Consumer)
web service consumer got created.Asked the vendor to test web service.I am hoping positive response
one question,how can we browse the knowledge base article in empower?I didn’t find it
Thanks
Sai
OK.
After you login to the Empower site look for the section Knowledge Center link and then click on this link “Search the Knowledge Center by product, article type, and other options” and use the keyword search functionality to browse the KC articles.
HTH,
RMG
Hi All,
Issue fixed
Root cause of the issue is certificates are not imported to designer
As RMG Suggested,above command worked.
Note:it will prompt for keystore password,it’s not wm keystore password.
In internet password given is “changeit” for windows 2008 r2 server
Thanks
Sai.
Awesome…thanks for trying!
Hi,
Now i am trying to import certificate alias in QA,but getting follwing error
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching serviceapplicationqa.jdl.com found
serviceapplicationqa.jdl.com is the servername,but above commands worked in dev?
Thanks
Sai
it seems to be issue with CA certificate
They are using custom CA Certificate and it was imported to desginer for web service consumer
Finally,it working for dev and not for QA.Is this problem related certificate or source system.Please try to get some debug steps
Another question is can deployer can be used to deploy web services consumer or we have import from WSDL?