Https query from web application like JSON to the site that needs to add certification exception (the trust) manually. When the user use their own browser to launch a https query to a web site that its certificate is not supported by the standard authorities, the user will be prompted for a permission to accept the certificate as an exception.
For web application server to launch the query, there is no way to prompt the web application to accept the exception, and the default is to reject the untrusted certificate. The web server will complain that the certificate is not found from the keystore for the requested target.
javax.xml.ws.soap.SOAPFaultException
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Now, we have to tell the web server to trust the certificate from the target.
1> Query the target URL by web browser.
2> Download and save the certificate <xxx.pem> from the target.
3> Append the certificate to the keystore
1. cd /usr/java/jdk1.6.0_33/jre/lib/security
2. /usr/java/jdk1.6.0_33/bin/keytool -import -v -trustcacerts -alias <Create your own> -file <filepath/xxx.pem> -keypass
changeit -keystore ./cacerts -storepass changeit
No comments:
Post a Comment