How to fix SSLHandshakeException

Introduction

I have received this message when accessing a web service as a client in this URL

The WSDL document could not be parsed.The following error occured while parsing the WSDL location - WSDLException: faultCode=PARSER_ERROR: Failed to read wsdl file at: "https:/xxx?WSDL", caused by: javax.net.ssl.SSLHandshakeException. : javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

In StackOverflow is the solution 

The CA-ROOT certificate must be included in the cacert file in java-home/lib/security/cacerts


Getting the CAcert certificate

Use Firefox and click in the padlock


Click in this symbol


Get more info


Show certificate


Click on the URL to download de CA certificate



and the CA certificate is downloaded as ACCOMP.crt in this case.


Importing the certificate into the java keystore

Now the certificate can be imported using this command

JAVA_HOME/bin/keytool -import -alias CA-FNMT -file ACCOMP.crt -keystore $JAVA_HOME/jre/lib/security/cacerts

where CA-FNMT is the alias I give to the certificate and ACCOMP.crt is the certificate I have downloaded.


This process can be done using the tool KeyStore Explorer. Open the cacerts keystore and import the downladed certificate


Now the error has disappeared. (Take care that you must trust this CA certificate!)




Comments

Post a Comment

Popular posts from this blog

ORVE WS (Dynamic) (4) Jackson XML mapper

0. Introduction I love Jackson parser as it is easy to use and can be used to with some data formats such as CSV ,  JSON , YAML and XML . Just define a wrapper and a class for marshalling/unmarshalling. Although JAXB is a standard, in the Java ecosystem exists many solutions. And my decision is to use Jackson. 1. Defining MAVEN dependencies To use Jackson XML it is required this dependency in Maven. Note that  ${jackson.version} represents a variable that contains preferably the latest Jackson version. 1 2 3 4 5 <dependency> <groupId> com.fasterxml.jackson.dataformat </groupId> <artifactId> jackson-dataformat-xml </artifactId> <version> ${jackson.version} </version> </dependency> But if you want to use CSV, JSON or YAML in the project, it is as easy as including these dependencies 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 <!-- Jackson for CSV --> <de...
Read more

ENI (1) ENI Document OR the Spanish Electronic Administration Mafia

Image
0.Introduction. Getting the "xsd" schemas 1. Obtaining the afirma.xsd 2. Managing the "xsd" schemas. Changing  schemalocation  property from the  xsd  tag 3. Generating classes from xsd schema 4. Modifying the classes to solve operational problems 0. Old version 1. Generating the classes 0.Introduction. Getting the "xsd" schemas To obtain the correct URLs of the schemas: 1.For the document: https://administracionelectronica.gob.es/ENI/XSD/v1.0/documento-e in this URL it is shown these schemas (click on the link and download the schemas): http://administracionelectronica.gob.es/ENI/XSD/v1.0/documento-e/documentoEni.xsd http://administracionelectronica.gob.es/ENI/XSD/v1.0/documento-e/metadatos/metadatosDocumentoEni.xsd http://administracionelectronica.gob.es/ENI/XSD/v1.0/documento-e/contenido/contenidoDocumentoEni.xsd http://administracionelectronica.gob.es/ENI/XSD/v1.0/firma/firmasEni.xsd 2. For the file (expediente) https://administracionelectronica.gob.es...
Read more

ORVE WS (Dynamic) (12) Defiining the control tables

0. Introduction Our goals are: Retrieving the INPUT records (Received from other administrations) Retrieving the OUTPUT records (Sent to other administrations) To retrieve any record the WS requires at least these parameters   1. State (Estado). For INPUT these are the available states: RPC : Received but confirmation pending RR : Received and rejected RC : Received and confirmed RREEN : Received and resent      For OUTPUT : PE : Pending delivery EPC : Sent but confirmation is pending ER : Sent but rejected EC : Sent and confirmed 2. Date from in " YYYY-MM-DD HH:MM:SS " format 3. Date to in the same format. The system knows who is our administration (Oficina or Office) 1. Additional tables or entities We need to have control of: "Ids" that can identify the records and if the records have been saved and passed to the Gexflow application (an application that controls our records). To get the "Ids", the WS operation...
Read more