I'm in a Spring Boot service that will be within a microservice, attempting to connect to an external SOAP web service that requires a cert that was created by that service and a password. This is being written in Windows, but will need to be run on Unix. Right now, I've hardcoded some things for Windows. This is what I have coded for my side, but I'm getting an error on httpConn.getInputStream():

"sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target".

Can someone help me understand what I'm missing?

public String getSoapData(String contentType) throws IOException, NoSuchAlgorithmException, KeyManagementException, CertificateException, KeyStoreException {
    StringBuilder retVal = new StringBuilder();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    // get user password and file input stream
    char[] password = "MYPass".toCharArray();

    java.io.FileInputStream fis = null;
    //X509Certificate caCert = null;
    //CertificateFactory cf = CertificateFactory.getInstance("X.509");

    try {
        fis = new java.io.FileInputStream("C:\\MyCerts\\dev_HubExplorer1.pfx");
        ks.load(fis, password);
        //caCert = (X509Certificate)cf.generateCertificate(fis);
        //ks.setCertificateEntry("caCert", caCert);
    } catch (Exception e) {
        Common.screenPrint("Exception while importing certificate:%s%s", Common.CRLF, e.getMessage());
    } finally {
        if (fis != null) {
            fis.close();
        }
    }       

    tmf.init(ks);

    //TODO (GWL) Need to get this from a configuration file/db.
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(null, tmf.getTrustManagers(), new java.security.SecureRandom());

    URL url = new URL(_publicRecordURL);
    HttpsURLConnection httpConn = (HttpsURLConnection) url.openConnection();
    httpConn.setSSLSocketFactory(sslContext.getSocketFactory());
    byte[] bytes = _requestTemplate.getBytes();

    // Set the appropriate HTTP parameters.
    httpConn.setRequestProperty("Content-Length", String.valueOf( bytes.length ) );
    httpConn.setRequestProperty("Content-Type","text/xml; charset=utf-8");
    httpConn.setRequestProperty("SOAPAction",_soapAction);
    httpConn.setRequestProperty("Accept","text/xml");
    httpConn.setRequestMethod( "POST" );
    httpConn.setDoOutput(true);
    httpConn.setDoInput(true);

    //Everything's set up; send the XML that was read in to b.
    OutputStreamWriter writer = new OutputStreamWriter(httpConn.getOutputStream());
    writer.write(_requestTemplate);
    writer.flush();

    //Read the response and write it to standard out.
    InputStreamReader isr = new InputStreamReader(httpConn.getInputStream());
    BufferedReader in = new BufferedReader(isr);

    String inputLine;

    while ((inputLine = in.readLine()) != null) {
        retVal.append(inputLine + Common.CRLF);
        System.out.println(inputLine);
    }

    in.close();

    return retVal.toString();
}
Chizl

1 Answer

You can follow this Stack Overflow answer to get the solution to this problem:

https://stackoverflow.com/a/12146838/7801800

Anshul Sharma
  • Tried that already and can't seem to get it to accept the cert. I know the cert works with the password as I'm using it within .NET to connect to the same services with no issue. keytool -import -alias example -keystore C:\Program Files (x86)\Java\jre1.8.0_131\lib\security\cacerts -file dev_HubExplorer1.pfx – Chizl Jul 10 '17 at 16:38
  • I obviously can search, but their solutions are not working, and after 4 hours, I'm looking for help. – Chizl Jul 10 '17 at 16:47
  • keytool error: java.lang.Exception: Input not an X.509 certificate – Chizl Jul 10 '17 at 16:57
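
An added example, not part of the original question, answer or comments: the question's code hands the .pfx to the TrustManagerFactory and passes null key managers to SSLContext.init, so the server's chain is checked against the PFX contents and no client certificate is offered. The sketch below separates the two roles, with the PFX as client identity and a separate trust source for verifying the server. It assumes the .pfx is a PKCS#12 file holding the client's private key and certificate; the class name, the argument handling and the CLIENT_PFX_PASSWORD variable are hypothetical.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public final class ClientCertTls {
    // Load the PKCS#12 file; a failure propagates instead of being caught and ignored.
    static KeyStore loadPfx(String file, char[] password) throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(file))) {
            ks.load(in, password);
        }
        return ks;
    }

    // clientPfx: client key + certificate, presented to the server (KeyManager side).
    // serverTrust: CA certificates used to verify the server (TrustManager side);
    // null selects the JRE default trust store (cacerts).
    static SSLContext build(KeyStore clientPfx, char[] keyPassword, KeyStore serverTrust)
            throws GeneralSecurityException {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(clientPfx, keyPassword);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(serverTrust);
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Assumed inputs: PFX path as args[0], password in the hypothetical
        // environment variable CLIENT_PFX_PASSWORD (no per-OS hardcoded path).
        String pw = System.getenv("CLIENT_PFX_PASSWORD");
        if (args.length != 1 || pw == null) {
            System.err.println("usage: CLIENT_PFX_PASSWORD=... java ClientCertTls <file.pfx>");
            return;
        }
        KeyStore pfx = loadPfx(args[0], pw.toCharArray());
        // Diagnostic: show which aliases are private-key entries and which are trusted certs.
        for (String alias : Collections.list(pfx.aliases())) {
            System.out.println(alias + " keyEntry=" + pfx.isKeyEntry(alias) + " certEntry=" + pfx.isCertificateEntry(alias));
        }
        System.out.println("SSLContext ready: " + build(pfx, pw.toCharArray(), null).getProtocol());
    }
}
```

The resulting context plugs into the question's existing httpConn.setSSLSocketFactory(...) call. If the server's certificate is issued by a private CA that is not in cacerts, pass a keystore containing that CA certificate as serverTrust instead of null.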