Invoking Web Service Over SSL
Hi,
1) Used clientgen utility to create stub classes based on wsdl file
application is build using following ant task
2) Created a java application which acts as a client for invoking generated stubs (in step 1) for comunicating with webservice over HTTPS protocol.
3) Able to comunicate with required webservice through normal java client.
4) Integrate the above created java application in weblogic workflows. All the required jar (stubs and application) files are available in APP-INF/lib directory ofworrkflow application.
5) While invoking java application from work flow (to communicate with webservice) we get the following error
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: The server at https://www.3pv.
net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (Forbidden). P
lease ensure that your URL is correct and that the correct protocol is in use.
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webse
rvice/fault/1.0.0">weblogic.webservice.util.AccessException: The server at https
://www.3pv.net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (For
bidden). Please ensure that your URL is correct and that the correct protocol i
s in use.
at weblogic.webservice.binding.soap.HttpClientBinding.handleErrorRespons
e(HttpClientBinding.java:371)
at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClient
Binding.java:233)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientH
Thanks
Sandip Mehta
Hey exact problem i am facing
1. Can access webservice through my thin java client using the stubs generated by clientgen.
2. But get 403 error when running inside weblogic.
8.1 SP2
Also saw in SP4 release notes....
CR185228:
The WebService SSL client failed to connect the service when "weblogic.webservice.client.ssl.strictcertchecking" was not set to false. WebLogic Server now connects to the service with this property set to either true or false."
Does this mean if i set
weblogic.webservice.client.ssl.strictcertchecking =false in SP2 my call from within weblogic will work
I appreciate immediate feedback.
Sachin
Similar Messages
-
Error while invoking web service over SSL
While making a SSL Connections to web service i am getting the below mentioned error in spite of configuring the certificate provided by the client onto WLS.
I tried adding the certificate to the default DemoTrust and DemoIdentity Keystores. The error still persisted.
I also tried importing the certificate(into cacerts keystore) as Java Standard Trust as well as tried pointing it to the custom keystores. None of it worked :(
Could somebody please give a solution to resolve this error ASAP.
The error is:
Message:exception occured, due to org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:83)
at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:542)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at com.intel.services.warrantyservice.Get_Warranty_Details_OutServiceStub.get_Warranty_Details_Out(Get_Warranty_Details_OutServiceStub.java:184)
at com.intel.www.PortalServices.PortalServicesSOAPImpl.getWarrantyDetails(PortalServicesSOAPImpl.java:1865)
at com.intel.www.PortalServices.PortalServicesSOAPSkeleton.getWarrantyDetails(PortalServicesSOAPSkeleton.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3590)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: javax.xml.stream.XMLStreamException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:504)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:168)
at org.apache.axis2.databinding.utils.writer.MTOMAwareXMLSerializer.flush(MTOMAwareXMLSerializer.java:79)
at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:94)
at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerializeAndConsume(OMSourcedElementImpl.java:738)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:966)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.serializeInternally(SOAPEnvelopeImpl.java:254)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:242)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
at org.apache.axiom.om.impl.llom.OMNodeImpl.serializeAndConsume(OMNodeImpl.java:486)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:79)
... 48 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
at java.io.BufferedWriter.flush(BufferedWriter.java:236)
at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:502)
... 59 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 74 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 80 moreWhich version/platform are you using?
The thing you need to consider here is that the JDev proxy settings do not affect the BPEL server.
So if the BPEL server cannot connect to your webservice, it will not be because of any Jdev setting.
Check the proxy settings on your BPEL server (on 10.1.2 developer install it will be in obsetenv.bat, on 10.1.3 it will be a commandline property of the JVM - see AS Control administration page for the JVM) -
BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6
We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
<Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
tboundMessageContext.java:310)
at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
Truncated. see log file for complete stacktrace
This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
Thanks.
Matt
Edited by: user6946981 on Sep 17, 2009 7:58 AMAre you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way. -
Web service client behind a proxy server connecting to web service over SSL
Hi Friends,
A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
We are getting the following error on the test browser of workshop<p><p>
External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
the whole trace is <p>
<p>JDIProxy attached
<Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
ocess exception [ServiceException]><p>
I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
Thanks
Sridhardid you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
Thanks. -
Web Service over SSL failing in BEA Workshop
I have deployed a web service on weblogic 9.2
I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
IWAB0135E An unexpected error has occurred.
IOException
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
on server:
<Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
of course non-secure url for the web service is working fine in every case.
what can be the reason for this failing only in 'web services explorer' in bea workshop?
cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
thanks.Hello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro. -
Web Service over SSL exception
Hi,
Using NetBeans 6.5 (updated), I have created a web service like this:
package test.webservice;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.ejb.Stateless;
@WebService()
@Stateless()
public class TestWebService {
@WebMethod(operationName = "testOperation")
public String testOperation(@WebParam(name = "firstParameter") String firstParameter) {
//TODO write your implementation code here:
return "This method has executed " + (firstParameter == null ? "no strings attached." : firstParameter);
}I've deployed and tested it on a local Glassfish server. Some additional information:
- Sun GlassFish Enterprise Server v2.1 (9.1.1) (build b60e-fcs)
- jdk1.6.0_13
It worked fine when accessing it through 'http://localhost:8080/TestWebServiceService/TestWebService?Tester', however, when accessing it through the SSL port (using this link: 'https://localhost:8181/TestWebServiceService/TestWebService?Tester'), it has produced an exception with the following stack trace:
Exceptions details : null
java.lang.NullPointerException at java.io.File.(File.java:222) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.initializePort(WebServiceTesterServlet.java:524) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.doGet(WebServiceTesterServlet.java:184) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.invoke(WebServiceTesterServlet.java:119) at com.sun.enterprise.webservice.EjbWebServiceServlet.service(EjbWebServiceServlet.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) at com.sun.enterprise.web.AdHocContextValve.invoke(AdHocContextValve.java:114) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:87) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:222) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:166) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:288) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:647) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:579) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:831) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:440) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:228) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
Question 1: Why isn't the tester working when using the SSL port? A reason or a bug (possibly fixed in later releases)?
Question 2: Will the Web Service itself also not work when invoked through the SSL port? Is it possible to invoke a simple web service over the simple SSL port?
Question 3: When accessing the WSDL description through the SSL port it produces a blank (empty) response - a blank page. Why so?
Thank you very much in advance!
Best regards
MatejHello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro. -
Web Service over SSL hangs if sent data size exceeds around 12Kb
Hi,
I have a Web Service running on a WebLogic Server 10.3. One of its purposes is to send and receive documents over a one-way SSL connection. The service runs fine if the documents are smaller than around 12Kb, however if its larger than that, the service simply hangs. From SSL debug information it looks like some data is sent but afterwards it simply stops. When testing the Web Service without SSL it works fine, which points to an SSL issue. Also, surprisingly, when it receives documents over the SSL, it also works fine. I assumed there is a parameter that limits the size of the POST message sent over SSL, however all the parameters that I found, that could do that, were already set to unlimited.We ended up resolving this issue. It turned out to be something really simple. The client that was sending the soap traffic did not have the proper SSL certificate installed on the server that was generating the soap traffic.
-
Getting error when trying to invoke web service - disable SSL
Hi
Please advise me how to disable the SSL for bpel.
The problem which am facing is as below
I am trying to invoke web service in another site, its showing me error as
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException:
Now i would like to disable the SSL for this handshake, so that it wont look for certificates and invokes the web service directly, right.
So please advise how to disable to SSL in bpel (10.1.2) now.
Thanks
Suneel JakkaThe SSL handshake works differently to a browser as it is making the connections automatically.
The browser asks every time if you want to trust an expired certificate, and it also recommends not to. Its impractical to manually check every service call to say do you trust the certificate so the functionality doesn't exist. I doubt any integration product does this. Therefore there isn't a option to ignore the certificate if it has expired.
This makes sence as the certificate is untrustworthy. The whole idea around SSL is trusting the site you are communicating with, all parties need to be trusted. This stops hackers from replicating their site and intercepting data.
If the administrator of the remote site is not willing to renew the certificate, are they really interested in SSL. I suggest they expose a non SSL service.
cheers
James -
Problema with web services over ssl
I'm trying to consume a web service that require ssql. i enabled ssl debug, but i can't understand what's wrong. :-(
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x20000000000d678b79405
Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Algorithm: RSA; Serial number: 0x10a
Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389ef6e4
Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x380391ee
Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389b113c
Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1213102186 bytes = { 150, 70, 222, 91, 1, 159, 135, 122, 245, 66, 221, 50, 113, 8, 128, 154, 68, 232, 127, 215, 140, 215, 148, 147, 58, 93, 236, 23 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 10761
*** ServerHello, TLSv1
RandomCookie: GMT: 1213102414 bytes = { 186, 36, 22, 99, 140, 117, 31, 5, 231, 216, 148, 205, 190, 127, 202, 37, 111, 176, 39, 77, 137, 208, 110, 239, 167, 210, 211, 160 }
Session ID: {72, 78, 121, 78, 23, 96, 172, 97, 143, 196, 65, 95, 90, 198, 182, 217, 85, 189, 237, 255, 214, 174, 250, 18, 138, 100, 13, 130, 185, 47, 30, 194}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=homolog.sefaz.go.gov.br, OU=Equipamento A1, OU=SEFAZ, OU=Autoridade Certificadora SERPROACF, O=ICP-Brasil, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 121822830792857140980544413730208327423965418338836769494531514391506636002202311770038004646445375567736723855328246700773881808368957013969090425291780159678803518407365187798936095103086486699406270894225547100200566740997780387564247231686362223169873014182514927324634241630443664842180597672619260289963
public exponent: 65537
Validity: [From: Mon Aug 20 15:22:15 GMT-03:00 2007,
To: Tue Aug 19 15:22:15 GMT-03:00 2008]
Issuer: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
SerialNumber: [ 32303037 30383230 31373434 35343032]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
0010: 89 47 51 A2 .GQ.
[2]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://ccd.serpro.gov.br/lcr/serproacfv1.crl]
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.8
RFC822Name: [email protected]
[4]: ObjectId: 2.5.29.37 Criticality=true
ExtendedKeyUsages [
serverAuth
clientAuth
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.76.1.2.1.16]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 39 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .9https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 73 65 72 70 rpro.gov.br/serp
0020: 72 6F 61 63 66 2F 64 6F 63 73 2F 64 70 63 73 65 roacf/docs/dpcse
0030: 72 70 72 6F 61 63 66 2E 70 64 66 rproacf.pdf
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 5B 3B 86 9B 76 9A 9E 5A 21 53 38 A2 38 F8 53 00 [;..v..Z!S8.8.S.
0010: DA 12 46 B4 18 77 7E 12 8F A8 BE 36 DC C8 FB 50 ..F..w.....6...P
0020: 75 AA 4B 53 62 68 8A 5E 89 BB A5 96 54 75 4B DE u.KSbh.^....TuK.
0030: A5 C8 B8 85 5F 37 D5 A9 AC 9D 06 9E 31 B3 E0 E7 ...._7......1...
0040: BF AC B5 87 9F 24 AB 9D B5 C1 20 6B 63 B4 77 7E .....$.... kc.w.
0050: 83 1D 59 2F 81 B7 3D 02 45 D3 26 C4 A8 09 6E 3A ..Y/..=.E.&...n:
0060: 16 A3 0B 35 EE 06 4E 98 20 BD B3 92 90 50 C1 ED ...5..N. ....P..
0070: 2D 00 66 2D D0 C7 7D 7A 54 2B 1F 7D 68 11 C9 D8 -.f-...zT+..h...
0080: D4 45 5A 7D C4 C3 55 E6 0F 6D A1 5C D4 69 AC 04 .EZ...U..m.\.i..
0090: DB 0F FC 02 DF 63 17 17 A2 DD 9D 3E C6 6A 1E F2 .....c.....>.j..
00A0: 9B 6B 27 48 B2 52 75 8A B1 8B 6B 05 0D 7A 83 7E .k'H.Ru...k..z..
00B0: 3B 4D 5F 13 4D 69 7D 98 BF D0 29 86 43 01 1F F0 ;M_.Mi....).C...
00C0: DD D9 4D 41 D2 27 82 B3 D6 48 3B A6 CA 7B 18 21 ..MA.'...H;....!
00D0: E0 8A D0 07 EF 1F 4F 6D DA 74 BC AC 64 99 9C 80 ......Om.t..d...
00E0: FD EC 89 22 AE 18 D3 1A 1B C8 D4 D8 EC 69 80 99 ...".........i..
00F0: 43 5B 91 1C E3 28 5F 4C 51 71 F4 4D 85 01 71 E7 C[...(_LQq.M..q.
chain [1] = [
Version: V3
Subject: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 23659367425961339986383814473655435770305076360336120846402324294010759604691167341796796450718297422937486485989173997689009435615853573479123246742093161509679795253583183150516996100507241385700603597169864442790237544440295928051568067762067963906038465181975829517141032706152589802921982785603244093509126659971216775796468681697846064212891335993008177024582806600140619329189802486109058177503824508848203446928569492107040513868017002818333597993397664228505910643929070063949422917116775478325433437537593716368812763202859366097841062831999053298446527212103412654663554371896386629504450969081314886684871
public exponent: 58865
Validity: [From: Mon Apr 04 13:26:59 GMT-03:00 2005,
To: Mon Oct 24 20:59:00 GMT-03:00 2011]
Issuer: CN=Autoridade Certificadora do SERPRO v1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
SerialNumber: [ 32303035 30343034 31353530 35363030 3031]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
0010: 89 47 51 A2 .GQ.
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E2 8B 15 41 DB 75 39 29 BC 1C 54 7B FB 51 3F 14 ...A.u9)..T..Q?.
0010: 09 12 F2 B4 ....
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://ccd.serpro.gov.br/lcr/acserpro.crl]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.76.1.2.1.16]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[CertificatePolicyId: [2.16.76.1.2.3.13]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[CertificatePolicyId: [2.16.76.1.2.1.17]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
Algorithm: [SHA1withRSA]
Signature:
0000: 20 D5 4E 17 91 54 10 D5 3C 8C A0 3F F3 5D 23 FB .N..T..<..?.]#.
0010: 03 83 C8 92 59 13 58 E1 DA 37 3E B6 85 00 F2 F5 ....Y.X..7>.....
0020: C2 5E 27 DE C6 DD 30 F1 F8 8D CB DF E0 79 42 52 .^'...0......yBR
0030: E8 8A 9C C0 39 40 67 E2 32 19 05 0F C3 8A 62 7C [email protected].
0040: 44 D8 AB 1C 02 90 BF 4A 0D 85 89 D9 28 3C 19 6A D......i get a new certificate and now i'm getting the following error:
run:
keyStore is : D:\NFe\FiboNFe\Codigo\binarios\Certificados\00647154000250.p12
keyStore type is : PKCS12
keyStore provider is :
init keystore
init keymanager of type SunX509
found key for : ac sefazgo - zema cia de petroleo ltda
chain [0] = [
Version: V3
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 156165028103689130512128042499152839841454193332056593988973957180679312477722424100906759434445855868490108915782950316422470489371768181578031249674215052225925638629814529894401995141383245975637710610778796528775386241354343792138837300923183596668288077189084522054268656963846045071234921096231142045503
public exponent: 65537
Validity: [From: Wed Feb 14 14:58:31 GMT-03:00 2007,
To: Mon Feb 13 14:58:31 GMT-03:00 2012]
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
SerialNumber: [ 010a]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 34 16 32 43 65 72 74 69 66 69 63 61 64 6F 20 .4.2Certificado
0010: 63 6C 69 65 6E 74 65 20 70 61 72 61 20 5A 45 4D cliente para ZEM
0020: 41 20 43 49 41 20 44 45 20 50 45 54 52 4F 4C 45 A CIA DE PETROLE
0030: 4F 20 4C 54 44 41 O LTDA
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 98 9E 12 CE 90 93 05 1A D5 22 DA 37 86 DE FA DF .........".7....
0010: 82 DA 3D 76 ..=v
[3]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
S/MIME
Object Signing
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR]
SerialNumber: [ fddca941 482ec9a8]
[5]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: [email protected]
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
[6]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://homolog.sefaz.go.gov.br/acsefazgo/acsefazgo.crl]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[8]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 5D C2 B6 D0 46 C7 62 75 0B C9 4B 33 6C DC C9 59 ]...F.bu..K3l..Y
0010: 5E 2C C0 DB 5E 4A 1D 92 E7 07 D6 57 A8 42 F3 9C ^,..^J.....W.B..
0020: 20 73 06 2F 85 C3 7F D7 4B 9C 37 01 78 CE F5 D6 s./....K.7.x...
0030: 0A 4E 73 E3 97 D4 91 AB E5 36 FD E1 72 0A 52 81 .Ns......6..r.R.
0040: E4 7C 71 C9 ED 3B 07 CF 5F 92 23 6E BD D1 41 B4 ..q..;.._.#n..A.
0050: 0E 63 98 34 30 58 45 BC F2 8B 79 CC 42 35 C4 9E .c.40XE...y.B5..
0060: 11 60 4A 4D 18 E8 5C 5D E0 DE 00 62 92 3E 5C 3A .`JM..\]...b.>\:
0070: F8 1B 22 F3 25 0D F1 44 19 0F 4D 39 AB 28 2A D9 ..".%..D..M9.(*.
chain [1] = [
Version: V1
Subject: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 127802546146235830576140179493601283095940595321418162651326663347027489542570383903029994774550120601063051515739969496712154341918329211265045381248247800442115925457899222625312701264189136966705127659226917208209098405021110477504756857490937404558470512168426299183317779894163270945711882621802732846421
public exponent: 65537
Validity: [From: Mon Feb 12 21:49:13 GMT-03:00 2007,
To: Thu Feb 09 21:49:13 GMT-03:00 2017]
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
SerialNumber: [ fddca941 482ec9a8]
Algorithm: [SHA1withRSA]
Signature:
0000: 9C FC A1 04 AC D5 EB E6 27 EC B3 F8 5F 77 96 C6 ........'..._w..
0010: 3D 65 8D C7 83 C4 3E 17 E3 AF D2 8C 66 48 C0 38 =e....>.....fH.8
0020: 12 41 41 18 58 92 91 6D 64 E1 8C B5 5A 3C 18 5B .AA.X..md...Z<.[
0030: E6 42 79 97 1B 50 4D 7B 49 C5 55 95 7B 73 EC 42 .By..PM.I.U..s.B
0040: A5 BE E5 A7 4A 2A 00 59 0C B3 0D B9 23 F6 D5 70 ....J*.Y....#..p
0050: 1B 9A 2B 75 97 46 25 EF 1C 7C 57 41 43 7B 37 53 ..+u.F%...WAC.7S
0060: E3 D7 BF 04 AE EA 83 26 B7 AF D2 8D 50 4B 04 60 .......&....PK.`
0070: 3A CE 5A A6 4B 0E 27 BA A6 7D 49 02 34 CD EB F6 :.Z.K.'...I.4...
trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x20000000000d678b79405
Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Algorithm: RSA; Serial number: 0x10a
Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389ef6e4
Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x380391ee
Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389b113c
Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1213286062 bytes = { 175, 119, 88, 156, 122, 87, 49, 44, 101, 238, 155, 248, 50, 93, 130, 181, 230, 183, 242, 175, 99, 73, 45, 213, 138, 159, 67, 2 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 48 51 47 AE AF 77 58 9C 7A 57 ...E..HQG..wX.zW
0010: 31 2C 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 1,e...2]......cI
0020: 2D D5 8A 9F 43 02 00 00 1E 00 04 00 05 00 2F 00 -...C........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C 65 EE ..HQG..wX.zW1,e.
0050: 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 8A 9F ..2]......cI-...
0060: 43 02 C.
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C ....HQG..wX.zW1,
0050: 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 e...2]......cI-.
0060: 8A 9F 43 02 ..C.
[Raw read]: length = 5
0000: 16 03 01 2A 09 ...*.
[Raw read]: length = 1447
0000: 02 00 00 46 03 01 48 51 48 9A E1 59 9B EA B2 68 ...F..HQH..Y...h
0010: 3E 94 C8 47 A5 D6 1B 61 84 A6 09 1D 59 5D 16 1E >..G...a....Y]..
0020: B2 20 9C FF 2C B2 20 48 51 48 9A 01 56 28 85 90 . ..,. HQH..V(..
0030: 5C D9 06 F0 DC B0 A4 7E DB 4C 64 25 0D 3D 4E FF \........Ld%.=N.
0040: B3 89 4D 54 E7 0E AF 00 04 00 0B 00 14 09 00 14 ..MT............
0050: 06 00 05 47 30 82 05 43 30 82 04 2B A0 03 02 01 ...G0..C0..+....
0060: 02 02 10 32 30 30 37 30 38 32 30 31 37 34 34 35 ...2007082017445
0070: 34 30 32 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 4020...*.H......
0080: 05 00 30 81 A6 31 0B 30 09 06 03 55 04 06 13 02 ..0..1.0...U....
0090: 42 52 31 13 30 11 06 03 55 04 0A 13 0A 49 43 50 BR1.0...U....ICP
00A0: 2D 42 72 61 73 69 6C 31 3B 30 39 06 03 55 04 0B -Brasil1;09..U..
00B0: 13 32 53 65 72 76 69 63 6F 20 46 65 64 65 72 61 .2Servico Federa
00C0: 6C 20 64 65 20 50 72 6F 63 65 73 73 61 6D 65 6E l de Processamen
00D0: 74 6F 20 64 65 20 44 61 64 6F 73 20 2D 20 53 45 to de Dados - SE
00E0: 52 50 52 4F 31 0F 30 0D 06 03 55 04 0B 13 06 43 RPRO1.0...U....C
00F0: 53 50 42 2D 31 31 34 30 32 06 03 55 04 03 13 2B SPB-11402..U...+
0100: 41 75 74 6F 72 69 64 61 64 65 20 43 65 72 74 69 Autoridade Certi
0110: 66 69 63 61 64 6F 72 61 20 64 6F 20 53 45 52 50 ficadora do SERP
0120: 52 4F 20 46 69 6E 61 6C 20 76 31 30 1E 17 0D 30 RO Final v10...0
0130: 37 30 38 32 30 31 38 32 32 31 35 5A 17 0D 30 38 70820182215Z..08
0140: 30 38 31 39 31 38 32 32 31 35 5A 30 81 9A 31 0B 0819182215Z0..1.
0150: 30 09 06 03 55 04 06 13 02 42 52 31 13 30 11 06 0...U....BR1.0..
0160: 03 55 04 0A 13 0A 49 43 50 2D 42 72 61 73 69 6C .U....ICP-Brasil
0170: 31 2B 30 29 06 03 55 04 0B 13 22 41 75 74 6F 72 1+0)..U..."Autor
0180 -
Hi,
I have to develope a Web Service proxy client to invoke a web service on SSL. First I'm testing with OC4J 10.1.3.1 and JDEV 10.1.3.1 and did this:
1) Developed a basic PL/SQL Web Service with JDEV and publish on my standalone OC4J.
2) Made a test with a browser, it worked OK
3) Generated a proxy client from JDev 10.1.3.1 to invoke web service, it worked OK
--- Now make it work on SSL----
4) Then, added SSL configuration to oc4j , generated a certificate with keytool (updated server.xml, secure-web-site.xml), and shutting down and starting the OC4j instance.
5) Import the certificate to JAVA_HOME/jre/lib/security/cacerts
6) Test web service from browser on https and worked OK.
7) When tried to modified proxy client (generated in step 3) to make it work on SSL, I realized that just changing the END_POINT to the new url (https) it worked!
Questions----
1.- By default the proxy client generated from JDEV 10.1.3.1 knows how to deal with SSL conections?
2.- If I dont have previously the server certificate to import it into JAVA keystore (cacerts) how could I ,from proxy client code, capture it and import it before the validation occurs... because if the certificate is not in keystore , the program fails.
Thanks in advance
J.Hi,
Could you please provide me with the steps necessary to create a web service proxy client through JDeveloper or any other mechanism when 2 way SSL (requiring client authentication) is enabled.
Thanks a lot in advance
Nilesh -
Error calling external web service over HTTPS
Hi everyone
I'm trying to call an external web service over HTTPS, and continually get the following error:
com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException: Peer sent alert: Alert Fatal: handshake failure
I haven't tried doing this before, so not quite sure where to start. I have a client certificate that must be used to access the remote web service, and I think the problem is associating the client cert with the web service call.
Has anyone else tried this before? Any suggestions of where to look?
I've had a brief look at Key Storage in NWA, but it's not something I'm familiar with - so not sure if it's even the right place to be looking.
Some help on this would be great!
Thanks
StuartThanks Aleksandar
Here's the output from the trace. Unfortunately the SAP forums don't allow attachments, so it may be difficult to read. Please let me know if you see anything that may help.
Thanks
Stuart
Time Severity User Thread Location Message
09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@fa1b67
09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@4c8af
09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@b6981b
09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' are configured '10.|127.|192.168.*'.
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' default value is '10.|127.|192.168.*'.
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Loadin mapping file from location :[c:/mapping.txt]
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Additional file for CTS configuration can not be found [c:\mapping.txt (The system cannot find the file specified)].
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider >>>>>>>>> ERROR: Could not find mapping for service QName=vipSoapInterfaceService, class=class com.verisign._2006._08.vipservice.VipSoapInterfaceService
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Creating client instance with WSDL URL [https://pilot-vipservices-auth.verisign.com:443/prov/soap/val/soap] (vipSoapInterfaceService) <com.verisign._2006._08.vipservice.VipSoapInterfaceService>
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Using SAP JAX-WS Implemetation to create service delegate.
09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@5586b0
09:18:26:687 Path Administrator HTTP Worker [0] ~s.espbase.wsdl.exceptions.WSDLException Exception : Peer sent alert: Alert Fatal: handshake failure
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1230)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:147)
at com.sap.exception.BaseException.<init>(BaseException.java:89)
at com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException.<init>(WSDLException.java:34)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:140)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
at javax.xml.ws.Service.<init>(Service.java:57)
at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
Caused by: org.w3c.www.protocol.http.HttpException: Peer sent alert: Alert Fatal: handshake failure
iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.x.b(Unknown Source)
at iaik.security.ssl.x.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
at iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
at org.w3c.www.protocol.http.g.markUsed(Unknown Source)
at org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown Source)
at org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
at org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.URL.openStream(URL.java:1007)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:201)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:263)
at com.sap.engine.lib.xml.parser.Parser.parse_DTDValidation(Parser.java:282)
at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:293)
at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
at com.sap.engine.lib.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:127)
at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:146)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:132)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
at javax.xml.ws.Service.<init>(Service.java:57)
at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@20ba3c
09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@26e3bf
09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@f827f6
09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@a8646a
09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@c449f1
09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ B E G I N ].timerId=15
09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ E N D ].timerId=[id:#15, elapsed: 0 ms.] -
BizTalk WCF service over SSL -WSDL is not working
we are exposed BizTalk Schema as Service and deployed in both IIS servers.BTW IIS cluster working as a loadbalancer.
First Question:
The service is exposed over SSL and shared URL like https://DNSName/abc.svc.When they browse the URL with WSDL nothing is getting (i.e.https://DNSName/abc.svc?wsdl).
Please help me why WSDL is not generating
Second Question:
Exposing service over SSL and in web.config making httpgetenabled=true and endpoint name="HttpMexEndpoint enabled.
Then when we browse URL(i.e.https://DNSName/abc.svc) it displaying like http://ipadress/abc.service?wsdl.
So when we click on http://ipadress/abc.service?wsdl ,the wsdl is generated.
Why when we try http://DNSName/abc.service?wsdl ,wsdl not generated.
Instead of displaying IPAddress to end user, we want to display DNSName.how to do it?
Regards BizTalkWorshipHi,
For the problem of SVC file changing to WSDL when you bowse, this normally happens when "httpsHelpPageEnabled" property (in case of HTTPS as your case otherwise httpHelpPageEnabled) of you service is set to "false"
in service's web.config file. When the help page option is set to "false" in the service's web.config file, this happens. Change it to "true"
<serviceDebug httpHelpPageEnabled="true"
Regards,
M.R.Ashwin Prabhu
If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
Generic Java client to invoke web service
Hi,
1.We have a web service HelloWorld registered in UDDI registry (private) of weblogic.
2.We have written a client that returns the WSDL URL and it is inturn passed to another piece of code where it invokes the the remote method of webservice.
In the above case,our problem is that the client we wrote became specific to the webservice(HelloWorld port, HelloWorld everything specific to HelloWorld webservice).
But our intention os that we have to write a client which should be generic to access any webservice by providing the Service Name and business name.
The UDDI publishing and querying is going well with a code where it returns the WSDL url after this we have to write generic code to access the remote method on webservice.
I appreciate anyone give me a solution to solve.
Thanks
VRhi,
The WSDL is available at
http://www.webservicex.net/stockquote.asmx?WSDL.
This WSDL has multiple ports and bindings.How do I
now which port/binding I should use?Hmm, hard to find a general answer. Each <port> element is linked to a single <binding> element. So, if you want to handle a certain binding, you have to access the corresponding port. Talking about your WSDL example, if you want to access the web service over, let's say, HTTP/GET you must access the <port name="StockQuoteHttpGet"> element. If you want to send a SOAP message, you must access the <port name="StockQuoteSoap"> element, and so on.
So depending on what type of message you want/have to send to the server, you have to access the corresponding <port> element.
In my code I am fetching the list of ports using
service.getPorts().Then I am iterating thru the list
and fetching the last port available in the List.I am
using this port further in my program.Is this the
right way?Can I use any port among the ports
available in the service.Generally spoken no! As I explained above, the actual <port> element of interest depends on the type of service you want/have to call. Very seldom the Web Service provider will offer a HTTP version of a certain operation. Mostly you have to hit a SOAP endpoint to get your response.
When I use the above approach I have a problem with
the Ouput format.When executing the webservice
client,the output format received and the output
format mentioned in the WSDL for that portType are
different.I mean, I get an Output format defined by
some other portType than the portType my program is
binded to.
When parsing the above mentioned WSDL,my program
binds to the last port i.e., StockQuoteHttpPost,and
identifies the output format as "Body" tag.
But when I print the Output from the webservice it is
different.It is looks like thisOk, that looks strange indeed. I can't imagine that the web server would respond with a SOAP message to your HTTP/POST request. However, technically it is possible because everything defined in the corresponding WSDL section says that the response will contain an xsd:string. "Body" is the name of the part, to be able to identify it, and does not need to occur in the response. So, the response is probably ok...
<wsdl:message name="GetQuoteHttpPostOut">
<wsdl:part name="Body" element="tns:string"/>
</wsdl:message>Anyway, I would have expected a list of key-value pairs instead:
Symbol=SBYN
Last=3. 17
Date=6/22/2005
Time=3:59pm
Change=0.00
Open=N/A
High=N/A
Low=N/A
Volume=0
MktCap=2 72.0M
PreviousClose=3.17
PercentageChange=0.00%
AnnRange=2.53 - 4.20
Earns=0.04
P-E=79.25
Name=SEEBEYOND TECH COcheerz, r. -
Invoke Web Service error: WS Client ---Deployable Proxy --WS-https
hi all:
I use Deployable Proxy in NWDS to call Web Service(https-SSL)
working on PI7.0 platform
Scenario is :
WSClient(Stateless EJB) -
>Deployable Proxy ---> WS-https
Deployable Proxy setting:
SSL Service Certification : Ignore Service Certification
Run Result is :
Sometimes it works(Really amazing)
Sometimes it doesn't work.
When it doesn't work:
The http response is : HTTP/1.1 500 Internal Server Error
J2EE engine exception log is : pay attention the Strong msg
[EXCEPTION]
com.sap.engine.services.ejb.exceptions.BaseEJBException: Exception in method getVersion.
at com.sap.ejb.VersionLocalLocalObjectImpl0_0.getVersion(VersionLocalLocalObjectImpl0_0.java:119)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.services.webservices.runtime.EJBImplementationContainer.invokeMethod(EJBImplementationContainer.java:126)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:157)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:79)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPost(ServletDispatcherImpl.java:92)
at SoapServlet.doPost(SoapServlet.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by: javax.xml.rpc.soap.SOAPFaultException: java.lang.NullPointerException
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.buildFaultException(MimeHttpBinding.java:737)
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.processRpcFault(MimeHttpBinding.java:771)
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1470)
at com.sap.ws.VersionSoapBindingStub.getVersion(VersionSoapBindingStub.java:74)
at com.sap.ejb.VersionBean.getVersion(VersionBean.java:44)
at com.sap.ejb.VersionLocalLocalObjectImpl0_0.getVersion(VersionLocalLocalObjectImpl0_0.java:103)
... 25 more
javax.xml.rpc.soap.SOAPFaultException: java.lang.NullPointerException
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.buildFaultException(MimeHttpBinding.java:737)
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.processRpcFault(MimeHttpBinding.java:771)
at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1470)
at com.sap.ws.VersionSoapBindingStub.getVersion(VersionSoapBindingStub.java:74)
at com.sap.ejb.VersionBean.getVersion(VersionBean.java:44)
at com.sap.ejb.VersionLocalLocalObjectImpl0_0.getVersion(VersionLocalLocalObjectImpl0_0.java:103)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.services.webservices.runtime.EJBImplementationContainer.invokeMethod(EJBImplementationContainer.java:126)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:157)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:79)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPost(ServletDispatcherImpl.java:92)
at SoapServlet.doPost(SoapServlet.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Edited by: paul yang on Mar 9, 2009 8:41 AMHi Paul,
As it sometimes works & throws error in some cases, I would recommend you to try restarting the application server.
Also, as there is some version related issue, you can also try to re-deploy the webservice (I think you are exposing the EJB as webservice), restart the server, deploy new archive & run the application.
Hope this helps you.
Kind Regards,
Nitin -
How to access/invoke Web Service from BPM Process
The following steps required to attach and invoke web service method from process:
1) Add a module in the catalog for ex WebServiceMO
2) Add WebService Catalog component demoWebService in WebServiceMO
3) Put ur WSDL address in WSDL address field like "http://localhost:8080/test/test?wsdl"
4) Click next to introspect the web service it will import required files and setting from the url to your project
5) Now for invoking webservice just call the method for ex.
@return as String[]
getTestStringList(TestInterfaceService, out @return : @return)
logMessage "web service calll result >>"+length(@return)+">>>"+@return[0]
Here @ return is the return from webservice call.
this way u can access web service from BPM process.
Edited by: Anurag Yadav on Jul 17, 2009 2:19 PMI have a web service which does not return any value but when I introspect the web service, I have an out parameter to it.. Not sure why?
For e.g.
TestServiceListener.addTestNotes(TestNotes : testNotes, out TestNoteResponse : testNoteResponse);
So here I see an out parameter, but my web-service has no out parameter...
Any idea why is this happening?
Maybe you are looking for
-
Content does not play.
-
Weird Error Message - Transaction Terminated....
Hi I am running one job at the background and it has failed twice since morning giving this error message in system job log....I cant make out anything out of this any clues??? 07:51:16 prd0ap02_P01_79 BTC 4 100 ZB_JB F6F TemSe obje
-
ITunes Encountered a problem and needs to close on startup
Hi - I'm running the latest version of iTunes (7.1.1.5) on a desktop computer with Windows XP (SP2) and I've had no problems with it up until today. After using iTunes fine yesterday, I tried to open it up today and I get a Windows error message sayi
-
I have already configured payment method suppliment and also specified to use payment method supplements in the activity Set Up All Company Codes for Payment Transactions. I need to sort the printing of checks based on to be mail, courier and registe
-
Hi ABAP GURU, My question is regarding inbound interface where I have to retrieve the begin date of employee in accordance to interface trigger date. How can I get the begin date (BEGDA) of employee