I am trying to post to an https soap endpoint, but I am getting the below exception.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have tried the below commands to add the certificate to cacerts
keytool -genkey -alias notification-adapter_private -keyalg RSA -keystore notification-adapter.jks -keysize 1024
keytool -certreq -keyalg RSA -alias notification-adapter_private -file notification-adapter.csr -keystore notification-adapter.jks
keytool -exportcert -alias notification-adapter_private -keystore notification-adapter.jks -file notification-adapter.cer
keytool -import -alias notification-adapter_private -keystore "C:\Program Files\Java\jdk1.8.0_181\jre\lib\security\cacerts" -file notification-adapter.cer
package com.nokia.dpa.ChangeDeviceTrigger.post;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import java.io.File;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URL;
public class PostSoapHttps {
private static String request = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:chan=\"http://dpa.nokia.com/ChangeDeviceTrigger/\">\n" +
" <soapenv:Header/>\n" +
" <soapenv:Body>\n" +
" <chan:ChangeDeviceTrigger>\n" +
" <SRVChangeDeviceTrigger>\n" +
" </SRVChangeDeviceTrigger>\n" +
" </chan:ChangeDeviceTrigger>\n" +
" </soapenv:Body>\n" +
"</soapenv:Envelope>";
private static final String FILE_NAME = "notification-adapter.jks";
public static void main(String[] args) {
//System.out.println(request);
try {
URL resource = Thread.currentThread().getContextClassLoader().getResource(FILE_NAME);
File file = new File(resource.getFile());
String keyPath = file.getAbsoluteFile().toString();
System.out.println(keyPath);
String keyPass = "vodafoneit123";
String keyType = "JKS";
//path to SSL keystore
System.setProperty("javax.net.ssl.keyStore", keyPath);
System.setProperty("javax.net.ssl.keyStorePassword", keyPass);
System.setProperty("javax.net.ssl.keyStoreType", keyType);
//post XML over HTTPS
URL url = new URL("https: url"); //replace
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setDoOutput( true );
connection.setRequestProperty( "Content-Type", "text/xml" );
connection.setRequestProperty( "SOAPAction", "" );
connection.setHostnameVerifier(new HostnameVerifier()
{
public boolean verify(String hostname, SSLSession session)
{
return true;
}
});
connection.connect();
//tell the web server what we are sending
OutputStreamWriter writer = new OutputStreamWriter(connection.getOutputStream());
writer.write(request);
writer.flush();
writer.close();
// reading the response
InputStreamReader reader = new InputStreamReader(connection.getInputStream());
StringBuilder buf = new StringBuilder();
char[] cbuf = new char[ 2048 ];
int num;
while ( -1 != (num=reader.read( cbuf )))
{
buf.append( cbuf, 0, num );
}
String result = buf.toString();
System.out.println(result);
} catch (Exception e) {
e.printStackTrace();
}
}
}
"C:\Program Files\Java\jdk1.8.0_181\bin\java.exe" "-javaagent:C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2018.1.7\lib\idea_rt.jar=53820:C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2018.1.7\bin" -Dfile.encoding=UTF-8 -classpath "C:\Program Files\Java\jdk1.8.0_181\jre\lib\charsets.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\deploy.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\access-bridge-64.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\cldrdata.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\dnsns.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\jaccess.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\jfxrt.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\localedata.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\nashorn.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\sunec.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\sunjce_provider.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\sunmscapi.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\sunpkcs11.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\ext\zipfs.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\javaws.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\jce.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\jfr.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\jfxswt.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\jsse.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\management-agent.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\plugin.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\resources.jar;C:\Program Files\Java\jdk1.8.0_181\jre\lib\rt.jar;C:\Users\manjosh\Documents\Process\New_Project\DECCMVODVFDMCDCDP18A\NotificationAdapter\notification-adapter\target\classes;C:\opt\maven_repo\axis\axis\1.3\axis-1.3.jar;C:\opt\maven_repo\axis\axis-jaxrpc\1.3\axis-jaxrpc-1.3.jar;C:\opt\maven_repo\axis\axis-saaj\1.3\axis-saaj-1.3.jar;C:\opt\maven_repo\wsdl4j\wsdl4j\1.5.1\wsdl4j-1.5.1.jar;C:\opt\maven_repo\commons-logging\commons-logging\1.0.4\commons-logging-1.0.4.jar;C:\opt\maven_repo\commons-discovery\commons-discovery\0.2\commons-discovery-0.2.jar;C:\opt\maven_repo\javax\mail\mail\1.4.1\mail-1.4.1.jar;C:\opt\maven_repo\org\apache\logging\log4j\log4j-core\2.11.0\log4j-core-2.11.0.jar;C:\opt\maven_repo\org\apache\logging\log4j\log4j-api\2.11.0\log4j-api-2.11.0.jar;C:\opt\maven_repo\org\apache\logging\log4j\log4j-slf4j-impl\2.11.0\log4j-slf4j-impl-2.11.0.jar;C:\opt\maven_repo\org\slf4j\slf4j-api\1.8.0-alpha2\slf4j-api-1.8.0-alpha2.jar;C:\opt\maven_repo\javax\activation\activation\1.1\activation-1.1.jar" com.nokia.dpa.ChangeDeviceTrigger.post.PostSoapHttps
C:\Users\manjosh\Documents\Process\New_Project\DECCMVODVFDMCDCDP18A\NotificationAdapter\notification-adapter\target\classes\notification-adapter.jks
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162)
at com.nokia.dpa.ChangeDeviceTrigger.post.PostSoapHttps.main(PostSoapHttps.java:91)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
... 11 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 17 more
Process finished with exit code 0
