1

I'm developing a Springboot application that will communicate with a server having SOAP Web service. Mutual authentication or 2-Way SSL authentication is used for the communication. I have looked the suggestions given here and here and have set the following: -

In application.properties

server.ssl.key-alias=testclient
server.ssl.key-password=password
server.ssl.key-store=classpath:testclientselfsigned
server.ssl.key-store-password=password
server.ssl.key-store-type=JKS
server.ssl.trust-store=classpath:myTruststore
server.ssl.trust-store-type=JKS
server.ssl.trust-store-password=password

In my code calling the web service

    static {

            URL urlTruststore = ClassLoader.getSystemResource("myTruststore");
            URL urlKeystore = ClassLoader.getSystemResource("testclientselfsigned");
            if (urlTruststore != null) {
                logger.info("URL TRUST STORE:\t" + urlTruststore.getFile());
                System.setProperty("javax.net.ssl.trustStore", urlTruststore.getFile());
                System.setProperty("javax.net.ssl.trustStorePassword","password");
            }

            if (urlKeystore != null) {
                logger.info("URL KEY STORE:\t" + urlKeystore.getFile());
                System.setProperty("javax.net.ssl.keyStore",urlKeystore.getFile());
                System.setProperty("javax.net.ssl.keyStorePassword","password");
            }

String WS_URL = "https://uatexample.testserv.com/uat/ssl/custService";
                URL url = new URL(WS_URL);
                QName qname = new QName("http://www.sampleserv.com/services", "custService");
                Service service = Service.create(url, qname);
                CustService client = service.getPort(CustService.class);

It is at this point CustService client = service.getPort(CustService.class); that I'm getting the following exception

com.sun.xml.internal.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Please note that myTruststore.jks contains the certificate sent to me by the server** and testclientselfsigned.jks contains the client certificate.

I have tried all the suggestions I found here to add a Keystore and Truststore in my code, but nothing worked. However, I have tried the same in Soap-UI and it worked.

Auro
  • 1,578
  • 3
  • 31
  • 62
  • you can see many useful info with ssllabs.com It shows server cipersuites and supported protocols, and also validate certificate chain and name. It your case server is wrongly configured, and has certificate for `cc.sedoparking.com` instead of `uatexample.testserv.com` You should disable certificate name validation if you want tot connect to this server. – user1516873 Jun 06 '17 at 12:34
  • can you add the debug option (-Djavax.net.debug=ssl,handshake) as recommended on the link you sent and post the output? – Carlos Jun 06 '17 at 12:39
  • you can use -Djavax.net.debug=all too http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html – Carlos Jun 06 '17 at 12:43
  • @Carlos Could you please tell me where to add the debug option? I'm quite new to this and have no idea where to plug that in. Is it in my code? – Auro Jun 06 '17 at 20:47
  • @Auro you can pass it as an argument in your app startup or if not set it, have you tried `System.setProperty("javax.net.debug”,”all”);` ? – Carlos Jun 07 '17 at 05:19

0 Answers0