3 Replies Latest reply on Aug 25, 2008 5:10 PM by stepmarti

    Keystore problems... using metro

    preston
    preston Aug 25, 2008 1:44 PM

      I'm new to all this, so if pieces of my post don't make sense please ask me to explain further.

      I've used metro to consume a wsdl and create the source files. Now I'm trying to use those files from within JBoss.

      The test server has a cert that I needed to add to my keystore. I've done this using keytool. The problem I seem to be having is that I don't think JBoss is using the keystore because I get the following error

      "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorEx
      ception: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: una
      ble to find valid certification path to requested target "

      I've made the following changes to my startJBoss.bat
      SET JAVA_OPTS = %JAVA_OPTS% -Djavax.net.ssl.keyStore=mykeystore
      SET JAVA_OPTS = %JAVA_OPTS% -Djavax.net.ssl.keyStorePassword=password

      Any ideas?

      • 1343 Views
      • Tags:
        • 1. Re: Keystore problems... using metro
          stepmarti
          stepmarti Aug 25, 2008 2:31 PM (in response to preston)

          I preston.
          Please specify the Web Service that you need to consume, for example, Does it use WS-Security?, if so, you have to configure the ws-security-client flie to reference the keystore and trustore.

          Peraphs by your post the error messages relates to public key in trutstore file. Rmemeber that you have to add the cert to keystore and trsutore file.

            • Actions
          • 2. Re: Keystore problems... using metro
            preston
            preston Aug 25, 2008 2:56 PM (in response to preston)

            It's an internal web service so I can't post the url. How would I know if it uses WS-Security.

            Are you saying I have to add the cert to BOTH the keystore and truststore? If so is the truststore just another keystore?

              • Actions
            • 3. Re: Keystore problems... using metro
              stepmarti
              stepmarti Aug 25, 2008 5:10 PM (in response to preston)

              Hi,

              I am no asking you for URL Web Service, I am asking you for security configuration.

              "How would I know if it uses WS-Security"
              Re: If the Web Service is implemented using metro you can see it in security service configuration file.

              Respect to keystore, really, you only have to add the cert to truststore because there is where java looks for trust certificates that comes with messages (server sends a message and signs and/or encrypts it whit a cert).

                • Actions