Not able to invoke web service

Question

I'm trying to call a web service for which I send xml data with a POST AND I get a response back.

The production web service requires a certificate for which I was given. I have imported this certificate to my keystore and have used it in my client code but I keep getting timed out errors.

Do you know what can be causing this issue?

17:30:15,214 ERROR [stderr] (DefaultQuartzScheduler_Worker-6) java.net.ConnectException: Operation timed out
17:30:15,214 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.PlainSocketImpl.socketConnect(Native Method)
17:30:15,215 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
17:30:15,215 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
17:30:15,215 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
17:30:15,216 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
17:30:15,216 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at java.net.Socket.connect(Socket.java:579)
17:30:15,216 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)
17:30:15,216 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at sun.security.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:407)
17:30:15,217 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at sun.security.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:88)
17:30:15,217 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at hot.com.mhd.erp.action.client.PushStatusClient.pushXML(PushStatusClient.java:478)
17:30:15,217 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at main.com.mhd.erp.sched.StatusPushJob.execute(StatusPushJob.java:73)
17:30:15,218 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
17:30:15,218 ERROR [stderr] (DefaultQuartzScheduler_Worker-6)   at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:525)

The company has whitelisted the ip address and not running behind a firewall, can this connectivity issue be related to the certificates not being used properly? I have imported them to my keystore but do I need to do something else in my code or with JBoss (which is hosting the application)

I have also done this to set the keystore, password, type etc.

System.setProperty("https.protocols", "SSLv3");
    System.setProperty("javax.net.ssl.trustStore", ERPGetProperty.erpGetProperty("pathToKeyStore"));
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");
    System.setProperty("javax.net.ssl.keyStore", ERPGetProperty.erpGetProperty("pathToKeyStore"));
    System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
    System.setProperty("javax.net.ssl.keyStoreType", "JKS"); 

URL url = new URL(address);
    HttpsURLConnection con  = (HttpsURLConnection) url.openConnection();

    con.setConnectTimeout(10000);
    SSLSocketFactory sslSocketFactory  = (SSLSocketFactory) SSLSocketFactory.getDefault();


    con.setSSLSocketFactory(sslSocketFactory);

    con.setRequestMethod("POST");
    con.setUseCaches(true);
    con.setRequestProperty("Content-type", "text/xml");
    con.setRequestProperty("Host", "pwspg.newcorp.com");
    con.setRequestProperty("Content-Length", Integer.toString(xml.length()));
    con.setRequestProperty("SOAPAction", address);
    con.setDoOutput(true);
    con.setDoInput(true);

    userPass = username + ":" + password;
    byte[] encodeBytes = Base64.encodeBase64(userPass.getBytes());
    String encode = new String(encodeBytes);
    con.setRequestProperty("Authorization", "Basic " + encode);

    out = con.getOutputStream();

    out.write(b);

UPDATE: I have been confirmed by the web service owners again that my IP address has been whitelisted. I used telnet to test the host and the connection times out. If I ping it, I do receive packets. What else can be causing the issue of not being able to connect to the web service?

I have been told that it doesn't have to do with the certificates but I can't seem to find what's the problem. Is this a problem on my end?

don't you need something like SSLContext ctx = SSLContext.getInstance("TLS"); ? and SSLContext.setDefault(ctx);? — Leo, Oct 29 '14 at 22:44
I get java.lang.IllegalStateException: SSLContextImpl is not initialized — Gabriel Ok, Oct 30 '14 at 03:47
I already tried setting up different procotols as JVM arguments and I still get the same exception. Could this be another issue? — Gabriel Ok, Oct 30 '14 at 14:15

score 0 · Accepted Answer · answered Oct 30 '14 at 00:10

0

I don't think that it has to do with the certificate.

Did you try to connect with telnet from your host to the service's host?

$ telnet google.com 443
Trying 173.194.44.133...
Connected to google.com.
Escape character is '^]'.

Connected immediately.

$ telnet pwspg.newcorp.com 443
Trying 38.176.90.103...

Waits forever. Can it happen that the whitelisting wasn't successful?

The address from

URL url = new URL(address);

contains the 'httpS' and the port number explicitly?

answered Oct 30 '14 at 00:10

porgemorge

16

the address is the full url to the web service. I will contact the owner of the web server and ask if IP's are whitelisted. If the IP address is whitelisted though, do you know another issue that can be causing this? Like maybe I have to be running JBoss on an ssl port? – Gabriel Ok Oct 30 '14 at 14:09
IP addresses have been whitelisted successfully, I've been trying to figure out this problem since friday last week and can't seem to find what's the problem. If it's not a problem on the server's end, what can be the issue on my end? Not running behind a firewall, internet is fast. – Gabriel Ok Oct 30 '14 at 18:58
Here http://stackoverflow.com/questions/16895762/httpsurlconnection-connection-timed-out-error almost the same issue was faced. Maybe you can find some resolution in it. – porgemorge Nov 02 '14 at 08:43
Maybe you can test your connection and the service with the SoapUI application (www.soapui.org). To setup the ssl client authentication: http://geekswithblogs.net/gvdmaaden/archive/2011/02/24/how-to-configure-soapui-with-client-certificate-authentication.aspx . However the application must be run from the IP address (host) from where you want to access the service – porgemorge Nov 02 '14 at 08:55
Thank you for the help! I don't have the web service's wsdl. Can I still use SOAPUI if I don't have the wsdl? – Gabriel Ok Nov 03 '14 at 15:30
I ran nmap and saw both 80 and 443 ports are filtered. Does this mean my IP address hasn't been whitelisted successfully from the host server? – Gabriel Ok Nov 03 '14 at 16:51
If you see it filtered, then it could happen that the whitelisting wasn't successful. Check: 1. you gave the proper IP address, that one on which your client runs 2. the service provider sees that IP address – porgemorge Nov 04 '14 at 00:04
The wsdl can be fetched from the server by adding the **?wsdl** parameter to the end of the service url. This should be a simple GET method. With SoapUI: 'New SOAP project' -> 'Initial WSDL': ://:/?wsdl . If you resolved the connection timout problem and you setup the ssl in SoapUI you will be able to test the service from SoapUI too (from the whitelisted host) – porgemorge Nov 04 '14 at 00:13

Not able to invoke web service

1 Answers1