javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

JIRA | Gareth Woodham | 3 years ago
  1. 0

    I am trying to get TSAM-SYNC working with latest and greatest version of epsos-tsam-sync-7.4.0-SNAPSHOT from develop branch and after changing to the new Central Services CONET endpoint. Here is my settings.properties {noformat} webservice.url=https://ecrtsppt.conet-services.de/webservice/commonTerminologyService2.0 webservice.user=se_synchronizer webservice.password=se_synchronizer #The options are # TRUNCATE to truncate the strings and continue. # PERSIST to indicate that the application should try to persist the string. sync.longstrings=TRUNCATE # YES indicates to the application to run in debug mode. In debug mode the application is more robust and # does not skip records caused by null values. Null values are replaced with a dummy value, so that the # application can continue. # Any other value of this setting indicates that it is not executed in debug mode. sync.isdebug=YES # If a path to a file is specified then statistics are gathered and written to the specified file. sync.statistics.file= # Indicates what options the application have in case of an error occurs when trying to write # the statistics file. # PRINT = Print to std.out. # IGNORE = Do nothing. sync.statistics.onerror=IGNORE # Indicates to the application at which level it should log the statistics. # Se the available logging levels in the Java API (1.4 and above) java.util.logging.Level sync.statistics.log=INFO # Specify the country code that the synchronizer will use to localize the last sync date for. sync.countrycode=pt # If YES indicates to the application to send audit trail to the audit manager. sync.auditmanager.enable=NO # Specifies the facility used when writing event logs to the audit repository. sync.auditmanager.facility=2 # Specifies the severity at which info event logs are written to the audit repository. sync.auditmanager.infoseverity=1 # Specifies the severity at which error event logs are written to the audit repository. sync.auditmanager.errorseverity=1 # Specifies the transaction number used when writing event logs to the audit repository. sync.auditmanager.transactionnumber=epsos-1 {noformat} And here is the result of starting the jar file {noformat} [xxwoodhg@usbeta13 tsam-sync]$ sh sync.sh Sep 4, 2013 1:02:58 PM epsos.ccd.carecom.tsam.synchronizer.ApplicationController unlockApplication INFO: Lock file deleted Sep 4, 2013 1:02:58 PM epsos.ccd.carecom.tsam.synchronizer.ApplicationController lockApplication INFO: Attempting to lock application. Sep 4, 2013 1:02:58 PM epsos.ccd.carecom.tsam.synchronizer.ApplicationController lockApplication INFO: Lock file written. 2013-09-04 13:02:59,898 [main] DEBUG epsos.ccd.gnomon.configmanager.ConfigurationManagerService - GETTING PROPERTY = [pt.tsam.synchronizer.lastsyncdate] = [Jan 01 2013 00:00:00] Exception in thread "main" epsos.ccd.carecom.tsam.synchronizer.webservice.client.InaccessibleWebServiceURLException: The web service could not be reached at the specified URL: https://ecrtsppt.conet-services.de/webservice/commonTerminologyService2.0 at epsos.ccd.carecom.tsam.synchronizer.webservice.client.AuthenticatedCTS2Webservice.<init>(AuthenticatedCTS2Webservice.java:48) at epsos.ccd.carecom.tsam.synchronizer.SubsequentSynchronization.<init>(SubsequentSynchronization.java:35) at epsos.ccd.carecom.tsam.synchronizer.Client.main(Client.java:43) Caused by: com.sun.xml.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172) at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144) at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263) at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226) at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174) at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104) at javax.xml.ws.Service.<init>(Service.java:76) at epsos.ccd.carecom.tsam.synchronizer.webservice.client.CommonTerminologyService20_Service.<init>(CommonTerminologyService20_Service.java:42) at epsos.ccd.carecom.tsam.synchronizer.webservice.client.AuthenticatedCTS2Webservice.<init>(AuthenticatedCTS2Webservice.java:46) ... 2 more {noformat} So obviously there is some problems with SSL handshake. Does anybody recognise the error and how do I solve this? Maybe I need to add the CONET public cert to a truststore? Perhaps I must upload one of our certs to CONET? thanks in advance..

    JIRA | 3 years ago | Gareth Woodham
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  2. 0

    Web Service and SSL without modifying cacerts

    Oracle Community | 8 years ago | 843833
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  3. 0

    Apache HTTP client code fails with error "unable to find valid certification path to requested target" but node.js code works fine

    Stack Overflow | 1 month ago | Prasad
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    connecting to self signed SSL certificate from Java on Debian/Ubuntu – Chmouel's Blog

    chmouel.com | 1 month ago
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  6. 0

    Cant connect to internet via firewall proxy

    YouTrack | 1 month ago
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.net.ssl.SSLHandshakeException

      sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

      at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex()
    2. JAX-WS RI Runtime Bundle
      ProviderImpl.createServiceDelegate
      1. com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172)
      2. com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
      3. com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263)
      4. com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226)
      5. com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174)
      6. com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
      6 frames
    3. Java RT
      Service.<init>
      1. javax.xml.ws.Service.<init>(Service.java:76)
      1 frame
    4. epsos.ccd.carecom
      AuthenticatedCTS2Webservice.<init>
      1. epsos.ccd.carecom.tsam.synchronizer.webservice.client.CommonTerminologyService20_Service.<init>(CommonTerminologyService20_Service.java:42)
      2. epsos.ccd.carecom.tsam.synchronizer.webservice.client.AuthenticatedCTS2Webservice.<init>(AuthenticatedCTS2Webservice.java:46)
      2 frames