1 Reply Latest reply on Apr 30, 2014 4:40 AM by jeevankumart

SSL configuration do not work with http:endpoint in Fuse Enterprise

jeevankumart Apr 29, 2014 12:31 PM

Hi,

I have a legacy http:endpoint (provider) which was working in older FUSE esb versions. When i installed the endpoint in fuse-esb-7.1.0.fuse-047, it starts successfully. But i am getting SSL HandShake error, during my testing. It seems SSL information provided with the endpoint configuration is not recognized properly.

When i imported the same ssl certificates in jre/lib/security/cacerts, i could see the successful communication.

Thanks In Advance,

Jeevan

Endpoint Configuration:

=================

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:ctx="http://www.springframework.org/schema/context"
       xmlns:osgi="http://camel.apache.org/schema/osgi"
       xmlns:osgix="http://www.springframework.org/schema/osgi-compendium"
       xmlns:http="http://servicemix.apache.org/http/1.0"
       xmlns:camel="http://camel.apache.org/schema/osgi"
       xmlns:wsdl="http://webservices.service.com/"
       xsi:schemaLocation="
           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
           http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
           http://camel.apache.org/schema/osgi http://camel.apache.org/schema/osgi/camel-osgi.xsd
           http://www.springframework.org/schema/osgi-compendium http://www.springframework.org/schema/osgi-compendium/spring-osgi-compendium.xsd
           http://servicemix.apache.org/http/1.0 http://servicemix.apache.org/schema/servicemix-http-3.2.3.xsd">

    <http:endpoint service="wsdl:ServiceBridge-Out"
                   endpoint="ServiceBridgeIFPort-Out"
                   role="provider"
                   wsdlResource="classpath:wsdl/ServiceBridge-Out.wsdl"
                   locationURI="https://my.hostname:443//xxxxx"
                   defaultMep="http://www.w3.org/2004/08/wsdl/in-out"
                   soap="true">
        <http:basicAuthentication>
            <http:basicAuthCredentials username="user" password="pass12#"></http:basicAuthCredentials>
        </http:basicAuthentication>
        
        <http:ssl>
            <http:sslParameters keyStore="./etc/keystores/my-keystore.jks" keyStorePassword="Password"></http:sslParameters>
        </http:ssl>
        
    </http:endpoint>
    <bean class="org.apache.servicemix.common.osgi.EndpointExporter"></bean>

</beans>

Exception

========

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)[:1.6.0_17]
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)[:1.6.0_17]
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)[:1.6.0_17]

1. Re: SSL configuration do not work with http:endpoint in Fuse Enterprise

jeevankumart Apr 30, 2014 4:40 AM (in response to jeevankumart)
Never mind. I got the issue resolved by configuring the "truststore".
trustStore="./etc/keystores/my-truststore.jks" trustStorePassword="PassWord"

Thanks
Actions