0

I am trying to call soap API in JAVA with SSL (I tried in soapui it is working fine) same thing I need to achieve in java. Can any one guide me to achieve this in java

System.setProperty("javax.net.ssl.trustStore", "C:\\java\\java6u45\\jre\\lib\\security\\x");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");

System.setProperty("javax.net.ssl.keyStore", "C:\\Users\\user\\Desktop\\SoapUI (1)\\SoapUI\\x.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "passX!");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("https.protocols", "TLSv1");



URL u = null;
try {
    u = new URL("https://x1/x2WS/x3?wsdl");
} catch(Exception ex) {
    ex.printStackTrace();
}
JobInput2Service service = new JobInput2Service(u);
JobInput2 job = service.getJobInput2Port();
try {
    HelloRequestParm parm = new HelloRequestParm();
    parm.setMessage("value");
    HelloResponseData res = job.sayHello(parm);
    System.out.print("\n res: "+res.getMessage());
} catch (Exception ex) {
    ex.printStackTrace();
}

I am geting: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

 sayHello has thrown exception, unwinding now
    org.apache.cxf.interceptor.Fault: Could not send Message.
        at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
9)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
        at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
        at com.sun.proxy.$Proxy31.sayHello(Unknown Source)
        at program.Wsdl2Java6_32bit.main(Wsdl2Java6_32bit.java:85)
    Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https:.....JobInput2: Received fatal alert: handshake_failure
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
        at o    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
        ... 9 more
    Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:820)
        at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75))
        at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:641)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1218)
        at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
        at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.getResponseCode(URLConnectionHTTPConduit.java:248)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1517)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
        ... 12 more
    Wed Feb 27 17:23:56 CET 2019javax.xml.ws.WebServiceException: Could not send Message.

On the serer i get:

SSL Library Error: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate -- No CAs known to server for verification?
Ivan Gavlik
  • 59
  • 7
  • hey, we miss some code there HelloRequest* classes. Actually it does not tell us which method you uses to handle SSL handshake ? you could use an API to habdle the whole thing for you (CXF works fine.) And also you do not give us what exception you actually get. – Zzirconium Feb 27 '19 at 07:37
  • I am geting javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure – Ivan Gavlik Feb 27 '19 at 11:14
  • You will need to be more specific with at least the full stack trace (SSL exceptions are often stacked, i.e. with many "Caused By") and the missing code HelloRequest* – Zzirconium Feb 27 '19 at 16:21
  • Hi with java 1.7 works but with 1.6 does not work – Ivan Gavlik Feb 27 '19 at 16:28
  • have a look at that answer : https://stackoverflow.com/a/6353956/2143734 – Zzirconium Feb 27 '19 at 16:48
  • why with java 1.7 works but with 1.6 does not work ? – Ivan Gavlik Feb 27 '19 at 17:57
  • might be a difference between the default TLS handling between 6 and 7. have a look there : https://coderanch.com/t/637177/engineering/Disabling-handshake-message-Java – Zzirconium Feb 27 '19 at 23:39
  • I set System.setProperty("https.protocols", "TLSv1"); still not working,it can not establish a ssl connection – Ivan Gavlik Feb 28 '19 at 07:25
  • and on the server I get SL Library Error: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate -- No CAs known to server for verification? – Ivan Gavlik Feb 28 '19 at 07:42
  • could it be you changed your trustore (cacert) and/or keystore in jre/lib/security for your jdk7 and not your jdk6 ? – Zzirconium Feb 28 '19 at 11:52
  • can i import java cacert or keystore from java 1.7 to java 1.6 – Ivan Gavlik Feb 28 '19 at 13:38
  • that could be a test. copy your existing files in java 6 and paste java 7 ones. but I strongly recommend you consider using an API to perform your call. CXF for example, will handle the SSL part for you – Zzirconium Feb 28 '19 at 17:16
  • can you give me example of this api CXF ? Can I with CXF send certificate and make ssl conection(handshake) – Ivan Gavlik Feb 28 '19 at 17:47
  • the apache doc is pretty straitghforward : http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html, in your case you just define a cxf.xml as explained with a http conduit with a name matching your server name. i did not understand if your client has a private key, put a keystore in conduit only on that case. – Zzirconium Mar 01 '19 at 06:56
  • when I copy files from java 1.7 to java 1.6 (jre/lib/securiry) i get same exception, maybe there are not compatabile, how can i import .crt into java keystore – Ivan Gavlik Mar 01 '19 at 13:12
  • keytool -trustcacerts -import -file certificateFile.cer -alias myCer -keystore jre\lib\security\cacert – Zzirconium Mar 01 '19 at 15:23

0 Answers0