Providing Certificate while generating a SSL client from wcf

Hello,
I am trying to generate a client from a wcf service which has an https endpoint which requires a certificate for authentication, when a try to connect to a web service from flash builder4 by providing the wsdl URI it give me the following error:
There was an error during service introspection.
WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document at 'https://hassanraza-pc/Service/UserManagerService.svc?wsdl'.: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Can some body help me....
I need to know that how can i tell the flash builder about the certificate or if there is ny other way ....
Thanks in anticipation:

Hi, i'm facing the same issue .

Similar Messages

A fatal error occurred while creating an SSL client credential. The internal error state is 10013.

Hi All
I am seeing the below event appearing in the system log on all our Exchange 2013 servers regularly. I am not seeing any connectivity issues between any clients and the servers and no other issues have been reported at this stage.
Log Name:      System
Source:        Schannel
Date:          10/04/2015 9:21:17 AM
Event ID:      36871
Task Category: None
Level:         Error
Keywords:
User:          SYSTEM
Computer:
Description:
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
I am not sure if its related to the public certificate we are using or if its related to the one provided from the local CA.I have searched and found other links that suggest it could be related to SSL versions being disabled etc.
All servers are running Windows 2012 R2 Datacenter. The Exchange CAS servers do also sit behind a pair of F5 BIG IP Load Balancers
Any suggestions on where to look?
Thanks

Hi,
According to the event log, the issue is related to Schannel instead of Exchange.
Please try the following steps:
1.In Control Panel, click Administrative Tools, and then double-click Local Security Policy.
2.In Local Security Settings, expand Local Policies, and then click Security Options.
3.Under Policy in the right pane, double-click System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing, and then click Enabled.
4. Ran gpupdate /force
If it doesn’t work, please go to C:\ProgramData\Microsoft\Crypto\RSA and grant "Network Services" Read permission to "MachineKeys" folder. Then restart server to have a try.
Here is a similar thread for your reference:
https://social.technet.microsoft.com/Forums/lync/en-US/e70a8dbc-6f48-4fde-a93b-783554344822/a-fatal-error-occurred-when-attempting-to-access-the-ssl-client-credential-private-key?forum=ocscertificates
Regards,
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Winnie Liang
TechNet Community Support

A fatal error occurred while creating an SSL client credential. The internal error state is 10011.

Need help. I have my pilot lync 2013 pool up (in coexistence with 2010 production environment) and can log into Lync 2013 environment with a lync 2010 client but am not able to with a lync 2013 client. It just prompts for password but will not
take it. I'm sseeing this on my front end server multiple times:
A fatal error occurred while creating an SSL client credential. The internal error state is 10011.
Came across this http://www.logicspot.net/index.php?id=50 and tried disabling TLS 1.2, which I did and verified but yet the issue still exists.
All my certs are good coming from internal CA. My signin logs show below but keep in mind, this works just fine if using a 2010 lync client to my lync 2013 servers. Issue only occurs when trying to connect using a lync 2013 client.
1 Login: FAIL (hr = 0x1)
this request needs authentication, trying webticket from: https://domain.com/WebTicket/WebTicketService.svc
1.1 Get-NewWebTicket: FAIL (hr = 0x1)
CLogonCredentialManager::QueryForSpecificCreds() Credential user 0x069B64A0 id=15 querying for specific credentials, credSuccess=2, targetName=Microsoft_OC1:[email protected]:specific:LAD:1
1.1.1 ExecuteWithMetadataInternal: FAIL (hr = 0x3d0000)
Executing wws method with windows auth auth, asyncContext=0A4FC348,
context: WebRequest context@ :173931816
MethodType:4
ExecutionComplete? :1
Callback@ :0A5A1864
AsyncHResult:80f10041
TargetUri:https://domain.com/WebTicket/WebTicketService.svc
OperationName:http://tempuri.org/:IWebTicketService
Error:
There was an error communicating with the endpoint at 'https://domain.com/WebTicket/WebTicketService.svc'.
The server returned HTTP status code '401 (0x191)' with text 'Unauthorized'.
The requested resource requires user authentication.
1.1.2 ExecuteWithWindowsOrNoAuthInternal: PASS
1.1.3 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
Executing wws method with windows auth auth, asyncContext=0A4FC348,
context: WebRequest context@ :173931816
MethodType:4
ExecutionComplete? :1
Callback@ :0A5A1864
AsyncHResult:80f10041
TargetUri:https://domain.com/WebTicket/WebTicketService.svc
OperationName:http://tempuri.org/:IWebTicketService
Error:
There was an error communicating with the endpoint at 'https://domain.com/WebTicket/WebTicketService.svc'.
The server returned HTTP status code '401 (0x191)' with text 'Unauthorized'.
The requested resource requires user authentication.
1.1.4 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
Discovery task(0A4FF830) sent to URL http://domain.com completed with hr=0x80f10045
1.1.5 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
Executing wws method with windows auth auth, asyncContext=0A4FC348,
context: WebRequest context@ :173931816
MethodType:4
ExecutionComplete? :1
Callback@ :0A5A1864
AsyncHResult:80f10041
TargetUri:https://domain.com/WebTicket/WebTicketService.svc
OperationName:http://tempuri.org/:IWebTicketService
Error:
There was an error communicating with the endpoint at 'https://domain.com/WebTicket/WebTicketService.svc'.
The server returned HTTP status code '401 (0x191)' with text 'Unauthorized'.
The requested resource requires user authentication.
1.1.6 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
CLogonCredentialManager::QueryForSpecificCreds() Credential user 0x069B64A0 id=15 querying for specific credentials, credSuccess=2, targetName=Microsoft_OC1:[email protected]:specific:LAD:1
Rich

Hi,
Please check the server role and Web Services for Internet Information Services (IIS) are set correctly.
For the detailed IIS configuration, please check:
http://technet.microsoft.com/en-us/library/gg412871.aspx
As Lync client 2013 attempt to query in order to perform autodiscover of the Lync registration server. First
lyncdiscoverinternal.<sipdomain> Host (A) record and then
lyncdiscover.<sipdomain> Host (A) record. If neither of these records are resolvable then the legacy DNS SRV and A record fall-back process is used. So make sure you have add the two A record in DNS server.
More details:
http://blog.schertz.name/2012/12/lync-2013-client-autodiscover/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support

Error while generating new proxy-client

Hi,
I'm trying to generate a proxy-client from the following WSDL file: https://www.anlagenkataster.de/opencms/services/ZuesService?wsdl=1.1
Unfortunately the generation aborts everytime I try saying:
"Exception occurred in library handler
Incorrect value: Unknown Namespace http://schemas.xmlsoap.org/soap/encoding/"
I also tried the WSDL using SoapUI and it works fine...
Has anyone an idea how I will get ABAP to generate the client?
Thanks,
Dennis

Change encoding name space
<import namespace="http://schemas.xmlsoap.org/soap/encoding/"/>
to
<import namespace="http://schemas.xmlsoap.org/soap/encoding/" schemaLocation="http://schemas.xmlsoap.org/soap/encoding/"/>
After that also you will get error communication framework error then use below thread
Error in HTTP Framework: 404conn failed

ClassNotFoundException while invoking jax-ws client from OIM 10g

Hi,
As part of integrating FoxT with OIM, I've generated stub classes from FoxT wsdl using wsimport of jax-ws RI. While trying to invoke any webservice method from the process task I am getting below error -
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpFOXTCREATEUSER.FOXTCREATEUSER(adpFOXTCREATEUSER.java:161)
        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpFOXTCREATEUSER.implementation(adpFOXTCREATEUSER.java:106)
        at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
        at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
        at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
        at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.ejb.beans.tcProvisioningOperationsSession.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.ejb.beans.tcProvisioningOperations_b03yxm_EOImpl.addProcessTaskInstance(tcProvisioningOperations_b03yxm_EOImpl.java:1518)
        at Thor.API.Operations.tcProvisioningOperationsClient.addProcessTaskInstance(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(Unknown Source)
        at weblogic.security.Security.runAs(Security.java:41)
        at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
        at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
        at $Proxy61.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.addTask(Unknown Source)
        at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.dispatchConfirmation(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
        at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
        at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
        at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
        at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
        at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
        at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
        at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
        at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
        at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
        at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
        at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at com.thortech.xl.webclient.security.CSRFFilter.doFilter(Unknown Source)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(Unknown Source)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
        at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
        at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: java.lang.NoClassDefFoundError: Lcom/foxt/mds/ws/generated/AddUserxRolePars;
        at java.lang.Class.getDeclaredFields0(Native Method)
        at java.lang.Class.privateGetDeclaredFields(Class.java:2291)
        at java.lang.Class.getDeclaredFields(Class.java:1743)
        at com.sun.xml.bind.v2.model.nav.ReflectionNavigator.getDeclaredFields(ReflectionNavigator.java:249)
        at com.sun.xml.bind.v2.model.nav.ReflectionNavigator.getDeclaredFields(ReflectionNavigator.java:58)
        at com.sun.xml.bind.v2.model.impl.ClassInfoImpl.findFieldProperties(ClassInfoImpl.java:362)
        at com.sun.xml.bind.v2.model.impl.ClassInfoImpl.getProperties(ClassInfoImpl.java:296)
        at com.sun.xml.bind.v2.model.impl.RuntimeClassInfoImpl.getProperties(RuntimeClassInfoImpl.java:176)
        at com.sun.xml.bind.v2.model.impl.ModelBuilder.getClassInfo(ModelBuilder.java:243)
        at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:98)
        at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:79)
        at com.sun.xml.bind.v2.model.impl.ModelBuilder.getClassInfo(ModelBuilder.java:209)
        at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:93)
        at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:79)
        at com.sun.xml.bind.v2.model.impl.ModelBuilder.getTypeInfo(ModelBuilder.java:315)
        at com.sun.xml.bind.v2.model.impl.RegistryInfoImpl.<init>(RegistryInfoImpl.java:99)
        at com.sun.xml.bind.v2.model.impl.ModelBuilder.addRegistry(ModelBuilder.java:357)
        at com.sun.xml.bind.v2.model.impl.ModelBuilder.getTypeInfo(ModelBuilder.java:327)
        at com.sun.xml.bind.v2.runtime.JAXBContextImpl.getTypeInfoSet(JAXBContextImpl.java:432)
        at com.sun.xml.bind.v2.runtime.JAXBContextImpl.<init>(JAXBContextImpl.java:286)
        at com.sun.xml.bind.v2.ContextFactory.createContext(ContextFactory.java:139)
        at com.sun.xml.bind.api.JAXBRIContext.newInstance(JAXBRIContext.java:105)
        at com.sun.xml.ws.model.AbstractSEIModelImpl$1.run(AbstractSEIModelImpl.java:153)
        at com.sun.xml.ws.model.AbstractSEIModelImpl$1.run(AbstractSEIModelImpl.java:148)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.xml.ws.model.AbstractSEIModelImpl.createJAXBContext(AbstractSEIModelImpl.java:148)
        at com.sun.xml.ws.model.AbstractSEIModelImpl.postProcess(AbstractSEIModelImpl.java:87)
        at com.sun.xml.ws.model.RuntimeModeler.buildRuntimeModel(RuntimeModeler.java:264)
        at com.sun.xml.ws.client.WSServiceDelegate.buildRuntimeModel(WSServiceDelegate.java:660)
        at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.buildRuntimeModel(WLSProvider.java:407)
        at com.sun.xml.ws.client.WSServiceDelegate.addSEI(WSServiceDelegate.java:648)
        at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:330)
        at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.getPort(WLSProvider.java:389)
        at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:313)
        at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:306)
        at javax.xml.ws.Service.getPort(Service.java:92)
        at com.foxt.mds.ws.generated.MDSImplService.getMDSImplPort(MDSImplService.java:68)
        at com.centurylink.identity.adapter.processtask.FoxTUserOperations.CreateUser(FoxTUserOperations.java:351)
        ... 60 more
Caused by: java.lang.ClassNotFoundException: com.foxt.mds.ws.generated.AddUserxRolePars
        at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:283)
        at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:256)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:176)
        ... 98 more
com.thortech.xl.dataobj.util.tcAdapterTaskException: Lcom/foxt/mds/ws/generated/AddUserxRolePars;
        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpFOXTCREATEUSER.FOXTCREATEUSER(adpFOXTCREATEUSER.java:167)
        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpFOXTCREATEUSER.implementation(adpFOXTCREATEUSER.java:106)
        at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
        at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
        at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
        at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
        at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.ejb.beans.tcProvisioningOperationsSession.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.ejb.beans.tcProvisioningOperations_b03yxm_EOImpl.addProcessTaskInstance(tcProvisioningOperations_b03yxm_EOImpl.java:1518)
        at Thor.API.Operations.tcProvisioningOperationsClient.addProcessTaskInstance(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(Unknown Source)
        at weblogic.security.Security.runAs(Security.java:41)
        at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
        at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
        at $Proxy61.addProcessTaskInstance(Unknown Source)
        at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.addTask(Unknown Source)
        at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.dispatchConfirmation(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
        at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
        at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
        at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
        at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
        at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
        at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
        at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
        at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
        at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
        at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
        at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at com.thortech.xl.webclient.security.CSRFFilter.doFilter(Unknown Source)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(Unknown Source)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
        at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
        at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
The class file its complaining about AddUserxRolePars exists in FoxTWS.jar (generated from wsimport) in ThirdParty, ext and JavaTasks directory on the server and still it complains for the same.
I tried running the same class from the command prompt on the same server and it's working fine. Thinking this could be classpath issue, I tried updating the classpath (System.setProperty("java.class.path","<jar file path>+<existing classpath>")) from with in the adapter class file and it still does not help.
Any thoughts on how to resolve this ??
Thanks in Advance.

You can use below policy for 2-way SSL
Wssp1.2-Https-ClientCertReq.xml
Two way SSL. The recipient checks for the initiator's public certificate. Note that the client certificate can be used for authentication.
http://docs.oracle.com/cd/E14571_01/web.1111/e13713/message.htm#i243732
Please follow below link to invoke standalone client using SSLSocketFactory for 2-way SSL
http://docs.oracle.com/cd/E14571_01/web.1111/e13713/transport.htm#CIHICEHH
HTH
Regards,
Sunil

Running ssl client from multiple applications fails in Sap j2ee engine

There are two applications making ssl connections to third party.
At a time only one application is able to make connection while other
throws error message <b>"No trusted certificate found".</b>
Currently we have two j2ee applications running in SAP j2ee server. Both applications makes ssl connection to third party servers. Lets call first application as A1 and second application as A2.
A1 is an internet shopping application . It makes ssl connection to third party services at two places . One is while fetching the shipping charges from UPS site.
Code Snippet:
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
String lo_url = new URL("https://wwwcie.ups.com/ups.app/xml/Rate");
lo_connection = (URLConnection) lo_url.openConnection();
At other place A1 connects to cybersource service using webservice +ssl for credit card authentication using cybersource API. It uses certificate in p12 format.
Code Snippet:
com.cybersource.ws.client.axis.soap.RequestMessage lo_requestMessage = new com.cybersource.ws.client.axis.soap.RequestMessage();
Properties lo_cybsProperties = new Properties();
lo_cybsProperties.setProperty("merchantId","arvato");
lo_cybsProperties.setProperty("merchantRefCode","1234")
lo_requestMessage.setMerchantID( "arvato");
lo_requestMessage.setMerchantReferenceCode( "1234" );
lo_cybsProperties.setProperty("cybersourceURL","https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor");
lo_cybsProperties.setProperty("keysDir", "./WEB-INF/config");
lo_requestMessage.setBillTo(setBillToAddress(po_mdsBillingAddress) );
// add ship to address
lo_requestMessage.setShipTo(setShipToAddress(po_mdsShiToAddress));
lo_requestMessage.setPurchaseTotals( setPurchaseTotal() );
//set cc details
lo_requestMessage.setCard( setCardDetails(po_mdsCreditCard) );
Set Items and total tax calculation
lo_replyMessage = com.cybersource.ws.client.axis.soap.Client.runTransaction( lo_requestMessage, lo_cybsProperties );
A2 Application
This application connects to Motorola secured web service to fetch details of mobile hand set. It uses keystore to create ssl connection with Motorola webservice.
Code Snippet
try {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
          return new java.security.cert.X509Certificate[0];
     public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (Exception e) {
e.printStackTrace();
System.setProperty("javax.net.ssl.trustStore","SapWSM.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","xxxx");
System.setProperty("javax.net.ssl.keyStore","SapWSM.keystore");
System.setProperty("javax.net.ssl.keyStorePassword","xxxx");
Problem Cases :
Case 1
Step 1 : Server starts
Step 2 : User access A1 first
Step3: A1 Connects to UPS using https (It is able to connect)
Step4: A1 connects to cybersource using webservice+ssl (It is able to connect)
Step 5: Another user access A2
Step6: A2 tries connection to Motorola webservice over ssl
Result connectivity fails with description "No trusted certificate found".
Case2
Step 1 : Server starts
Step 2 : User access A2 first
Step3: A2 tries connection to Motorola webservice over ssl (It is able to connect)
Step 5: Another user access A1
Step6: A1 connects to cybersource using webservice+ssl
Result connectivity fails with description "No trusted certificate found".
Case3
Step 1 : Server starts
Step 2 : User access A2 first
Step3: A2 tries connection to Motorola webservice over ssl (It is able to connect)
Step 5: Another user access A1
Step6: A1 connects to UPS using ssl
Result connectivity fails with description "No trusted certificate found".

Hi Please answer my query it is really <b>
urgen
t</b> and we are not able to run both the applications in same server

Error while generating ABAP proxy client

Hi,
I want to consume a webservice.
webservice URL is http://www.w3schools.com/webservices/tempconvert.asmx?WSDL
I can import WSDL in soapUI and get the response.
But while generating proxy in SAP, ( SE80 -> Enterprise Service ->service consumer -> URL/HTTP Destination -> URL -> local object -> complete ) it throws the following error:
Exception occurred in communication framework:Error in HTTP
Framework:404conn failedhttp://www.w3schools.com/webservices/tempconvert
.asmx?WSDL
Thanks in advance,
Rajkamal

Hi,
I've implemented this proxy without problem and it's working fine in my case (I didn't have to store WSDL file localy and do any changes in it - Netweaver 7.2). If it's not SAP issue as Brad proposed then maybe network admins have set filters that are blocking communication with this service
Best regards
Marcin Cholewczuk

Error while generating an XML Document from XML Schema with JAXB

Hi,
I am following this OTN tutorial to generate the XML document from Java classes got from the XSD document.
http://www.oracle.com/technology/pub/notes/technote_jaxb.html
I am able to generate all the Java classes but getting error on compiling the XMLConstructor.java class which is use for generating the XML document :
I am using JDK 1.5 and
Oracle 10g XML Developer's Kit (XDK) Production for Java. xdk_nt_10_1_0_2_0_production
(though these are warnings I am not able to run it.)
Error
C:\Prototype\classes\jaxbderived\catalog>javac -Xlint XMLConstructor.java
warning: [path] bad path element "%CLASSPATH%": no such file or directory
XMLConstructor.java:42: warning: [unchecked] unchecked call to add(E) as a member of the raw type java.util.List
journalList.add(journal);
^
XMLConstructor.java:46: warning: [unchecked] unchecked call to add(E) as a membe
r of the raw type java.util.List
articleList.add(article);
Thanks
Sanjeev ([email protected])

Use JDK 1.4.

Error while generating a flat file from oracle database

i have imported three knowledge modules for the interafce.
LKM SQL to SQL
IKM SQL to FILE Append
CKM oracle
I have tried executing the interface in following ways
1. checked the staging area different from target and choosed SUNOPSIS_MEMORY_ENGINE. three boxes appeared in the flow but i could not see any of the knowledge modules in the flow and i could not select form the drop down also.
all the three boxes were showing the error.
2. checked the staging area different from target and choosed a oracle logical schema. my flow has two boxes.
For the source i have given LKM SQL to SQL and for target i have given IKM SQL to FILE append
But the interface is erroring out while creating the load table... the error message is missing parameter
IS there anything i have to do apart from this

if your file ouput file has Date field,Numeric field then there is a chance for failure. Try making all the output fields as Varchar2.
-app

Column heading is not coming while generating a .csv file from .sql file

Hi all,
Now since I am able to generate a .csv file by executing my .sql file, the column heading is missing in that. Please advise. I have used the following parameters in my query:
set linesize 1000
set colsep ','
set echo off
set feedback off
set pagesize 0
set trimspool on
spool /path/file.csv
select ...... from .... where .....;
spool off
exit

set pagesize 0 <-- your problem
you must set it into a high value (max value 50000)
see:
SQL> select * from dual;
D
X
SQL> set pagesize 0
SQL> select * from dual;
X
SQL> set pagesize 50000
SQL> select * from dual;
D
X

Unknown SSL connection from servers

We have four Windows 2008 R2 servers hosting Exchange 2010 CAS/HUB Transport roles combined on each, we are having an issue where these hosts are trying to connect to a front-end pool IP address in the DMZ every few seconds using HTTPS. I would like
to know if there is a way to trace which application could be generating this SSL traffic from within those hosts, as it is Exchange doesn't seem to be the culprit but not 100% sure. We run some websites behind this IP address in the DMZ, but
nothing related to Exchange; therefore perhaps something on the system side, but haven't been able to locate any entries on the logs that could point us to an application. Any suggestions are appreciated.
FLaidman

Hi,
I think NetMon helps with this situation.
You can also run “netstat –on” on one of these hosts, notice the connection with foreign port 443. Check task manager
if there is a process with the same PID. Since the connection status is unknown, if this connection cannot be see in netstat, you will have to capture packets.
Hope this helps.

Weblogic 8.1 :: Getting error while generating Client java class from WSDL

Hi,
For SOAP webservice, I am using ant script to generate java client from WSDL but getting below error. Please inform if any suggestion to resolve this.
Also let me know if any other alternative to generate client java code.
Ant script:
===========
<project name="project" default="generateClientJar">
     <property file="build.property">
     </property>
     <taskdef name="clientgen" classname="weblogic.ant.taskdefs.webservices.clientgen.ClientGenTask">
          <classpath>
               <fileset dir="${build_lib.dir}" includes="*.jar" />
          </classpath>
     </taskdef>
     <path id="compile_path">
          <pathelement location="C:/jar/wls-api.jar" />
          <pathelement location="${build_lib.dir}/weblogic.jar" />
          <pathelement location="C:/jar/webserviceclient+ssl.jar" />
          <pathelement location="D:/Java_Src_10.1.0/nextgen_arch/wlpatch/webservices.jar" />
     </path>
     <target name="generateClientJar" depends="generate.client">
<clientgen wsdl="${wsdl.file}" classpathref="compile_path"
serviceName="${service.name}"
packageName= "${client.pkg}"
clientJar="${ws.client.name}" />
     </target>
     <target name="generate.client" description="Generate web-services client">
          <property name="wsdl.file" value="${sms.wsdl.file}"/>
          <property name="client.pkg" value="${sms.client.pkg}"/>
          <property name="ws.client.name" value="${ws.sms.name}"/>
          <property name="service.name" value="${sms.service.name}"/>
     </target>
</project>
build.property file
===========
base=C:/SMS
lib=E:/jar_path
sms.wsdl.file=${base}/SMS.wsdl
sms.client.pkg=com.db.dbdi.gtbportal.sms.client
ws.sms.name=${lib}/ws_SmsService_client.jar
sms.service.name=SMSService
build_lib.dir = E:/jar_path
Error log:
================
Buildfile: D:\Java_Src_10.1.0\ant\build_weblogic8.xml
generate.client:
generateClientJar:
[clientgen] Generating client jar for C:/SMS/SMS.wsdl ...
[clientgen] C:\Documents and Settings\amitkumar.patel\Local Settings\Temp\ws_SmsService_client.jar699419996\com\db\dbdi\gtbportal\sms\client\SMSPort.java:15: parameters is already defined in sendSMS(com.db.portal.webservices.sms.SendSMS,com.db.portal.webservices.sms.holders.SendSMSResponseHolder)
[clientgen] public void sendSMS(com.db.portal.webservices.sms.SendSMS parameters, com.db.portal.webservices.sms.holders.SendSMSResponseHolder parameters)
[clientgen] ^
[clientgen] C:\Documents and Settings\amitkumar.patel\Local Settings\Temp\ws_SmsService_client.jar699419996\com\db\dbdi\gtbportal\sms\client\SMSPort.java:21: parameters is already defined in getStatus(com.db.portal.webservices.sms.GetStatus,com.db.portal.webservices.sms.holders.GetStatusResponseHolder)
[clientgen] public void getStatus(com.db.portal.webservices.sms.GetStatus parameters, com.db.portal.webservices.sms.holders.GetStatusResponseHolder parameters)
[clientgen] ^
[clientgen] C:\Documents and Settings\amitkumar.patel\Local Settings\Temp\ws_SmsService_client.jar699419996\com\db\dbdi\gtbportal\sms\client\SMSPort_Stub.java:20: parameters is already defined in sendSMS(com.db.portal.webservices.sms.SendSMS,com.db.portal.webservices.sms.holders.SendSMSResponseHolder)
[clientgen] public void sendSMS(com.db.portal.webservices.sms.SendSMS parameters, com.db.portal.webservices.sms.holders.SendSMSResponseHolder parameters)
[clientgen] ^
[clientgen] C:\Documents and Settings\amitkumar.patel\Local Settings\Temp\ws_SmsService_client.jar699419996\com\db\dbdi\gtbportal\sms\client\SMSPort_Stub.java:39: parameters is already defined in getStatus(com.db.portal.webservices.sms.GetStatus,com.db.portal.webservices.sms.holders.GetStatusResponseHolder)
[clientgen] public void getStatus(com.db.portal.webservices.sms.GetStatus parameters, com.db.portal.webservices.sms.holders.GetStatusResponseHolder parameters)
[clientgen] ^
[clientgen] Note: C:\Documents and Settings\amitkumar.patel\Local Settings\Temp\ws_SmsService_client.jar699419996\com\db\dbdi\gtbportal\sms\client\SMSService.java uses or overrides a deprecated API.
[clientgen] Note: Recompile with -deprecation for details.
[clientgen] 4 errors
*[*clientgen] java.io.IOException: Compiler failed executable.exec**
[clientgen] at weblogic.utils.compiler.CompilerInvoker.compileMaybeExit(CompilerInvoker.java:470)
[clientgen] at weblogic.utils.compiler.CompilerInvoker.compile(CompilerInvoker.java:328)
[clientgen] at weblogic.utils.compiler.CompilerInvoker.compile(CompilerInvoker.java:336)
[clientgen] at weblogic.webservice.tools.build.internal.CompilerHelper.compileFiles(CompilerHelper.java:80)
[clientgen] at weblogic.webservice.tools.build.internal.ClientGenImpl.compileStubs(ClientGenImpl.java:627)
[clientgen] at weblogic.webservice.tools.build.internal.ClientGenImpl.generateStub(ClientGenImpl.java:572)
[clientgen] at weblogic.webservice.tools.build.internal.ClientGenImpl.doClientGenFromWsdl(ClientGenImpl.java:409)
[clientgen] at weblogic.webservice.tools.build.internal.ClientGenImpl.run(ClientGenImpl.java:340)
[clientgen] at weblogic.ant.taskdefs.webservices.clientgen.ClientGenTask.doClientGen(ClientGenTask.java:351)
[clientgen] at weblogic.ant.taskdefs.webservices.clientgen.ClientGenTask.execute(ClientGenTask.java:208)
[clientgen] at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
[clientgen] at org.apache.tools.ant.Task.perform(Task.java:364)
[clientgen] at org.apache.tools.ant.Target.execute(Target.java:341)
[clientgen] at org.apache.tools.ant.Target.performTasks(Target.java:369)
[clientgen] at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
[clientgen] at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
[clientgen] at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:40)
[clientgen] at org.eclipse.ant.internal.ui.antsupport.EclipseDefaultExecutor.executeTargets(EclipseDefaultExecutor.java:32)
[clientgen] at org.apache.tools.ant.Project.executeTargets(Project.java:1068)
[clientgen] at org.eclipse.ant.internal.ui.antsupport.InternalAntRunner.run(InternalAntRunner.java:423)
[clientgen] at org.eclipse.ant.internal.ui.antsupport.InternalAntRunner.main(InternalAntRunner.java:137)
BUILD FAILED
D:\Java_Src_10.1.0\ant\build_weblogic8.xml:34: weblogic.webservice.tools.build.WSBuildException: Compiler failed executable.exec - with nested exception:
[java.io.IOException: Compiler failed executable.exec]
Total time: 1 minute 12 seconds

Hi,
Can u Please post the WSDL..here. I remember long back i resolved this kind of issue...when i was getting "*parameters is already defined in - - -*" while using ClientGen.
Once i will get the WSDL may be i can recall it...
If u have any problem in Posting the WSDL..in Forums .. then let me know I will send my E-Mail Address...
As far as i remember ..it usually happens when we Run ClientGen task of WLS81 ON the WebService/WSDL generated by WebLogic 9.x or Above. Please let me know if this is the Case with you as well... . I remember there is a Patch for it...for WLS8 ClientGen task...I dont remember the Patch Number Exactly.
Just For testing:
Just Use WLS9.x ClientGen task On the Same WSDL
<taskdef name="clientgen" classname="weblogic.wsee.tools.anttasks.ClientGenTask" />
I am sure you will not see this issue... because the issue is there only with WLS8 Clientgen...
Thanks
Jay SenSharma
http://jaysensharma.wordpress.com (WebLogic Wonders Are Here)
Edited by: Jay SenSharma on Jan 8, 2010 4:32 PM
Edited by: Jay SenSharma on Jan 8, 2010 4:34 PM

Error while generating java client code from wsdl file

I am trying to generate a java client code from WSDL file um_workflowSaveCreateProfile.wsdl which includes um_workflowSaveCreateProfile_interface.wsdl file, so I am keeping both the files in the same folder and trying to generate the client code but it is showing me the below error highlighted .
um_workflowSaveCreateProfile.wsdl
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xsd="E:/DIPPWF/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:oblix="http://www.oblix.com/" xmlns:obinterface="http://www.oblix.com/wsdl/um_workflowSaveCreateProfile_interface" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:tns="http://www.oblix.com/wsdl/um_workflowSaveCreateProfile" targetNamespace="http://www.oblix.com/wsdl/um_workflowSaveCreateProfile">
     <import namespace="D:/DIPP/WSDL/um_workflowSaveCreateProfile_interface" location="um_workflowSaveCreateProfile_interface.wsdl"/>
     <service name="OblixIDXML_um_workflowSaveCreateProfile_Service">
          <port name="OblixIDXML_um_workflowSaveCreateProfile_Port" binding="obinterface:OblixIDXML_um_workflowSaveCreateProfile_Binding">
               <soap:address location="http://localhost:7777/identity/oblix/apps/userservcenter/bin/userservcenter.cgi"/>
          </port>
     </service>
</definitions>
um_workflowSaveCreateProfile_interface.wsdl
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:oblix="http://www.oblix.com/" xmlns:oblixxmllocalschema="http://www.oblix.com/OblixXMLLocalSchema" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:tns="http://www.oblix.com/wsdl/um_workflowSaveCreateProfile_interface" targetNamespace="http://www.oblix.com/wsdl/um_workflowSaveCreateProfile_interface">
     <types>
          <xsd:schema targetNamespace="http://www.oblix.com/" elementFormDefault="qualified"
               xmlns="http://www.oblix.com/"
               xmlns:xsd="http://www.w3.org/2001/XMLSchema">
                    <xsd:include schemaLocation="../XMLSchema/common_parameters.xsd" />
                    <xsd:include schemaLocation="../XMLSchema/common_authentication.xsd" />
                    <xsd:include schemaLocation="../XMLSchema/workflowSaveCreateProfile.xsd" />
          </xsd:schema>
          <xsd:schema targetNamespace="http://www.oblix.com/OblixXMLLocalSchema" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
               <xsd:element name="request">
                    <xsd:complexType>
                         <xsd:sequence>
                              <xsd:element name="params">
                                   <xsd:complexType>
                                        <xsd:sequence>
                                             <xsd:element ref="oblix:ObWorkflowName"/>
                                             <xsd:element ref="oblix:ObDomainName"/>
                                             <xsd:element ref="oblix:ObWfComment" minOccurs="0"/>
                                             <xsd:element ref="oblix:noOfFields"/>
                                             <xsd:element ref="oblix:AttributeParams"/>
                                        </xsd:sequence>
                                   </xsd:complexType>
                              </xsd:element>
                         </xsd:sequence>
                         <xsd:attribute name="version" type="xsd:string" use="optional"/>
                         <xsd:attribute name="application" type="xsd:string" use="required" />
                         <xsd:attribute name="function" type="xsd:string" use="required" />
                         <xsd:attribute name="mode" type="xsd:string" use="optional"/>
                    </xsd:complexType>
               </xsd:element>
          </xsd:schema>
     </types>
     <message name="OblixIDXMLInput">
          <part name="authentication" element="oblix:authentication"/>
          <part name="request" element="oblixxmllocalschema:request"/>
     </message>
     <message name="OblixIDXMLOutput">
          <part name="body" element="oblix:Oblix"/>
     </message>
     <portType name="OblixIDXMLPortType">
          <operation name="OblixIDXML_um_workflowSaveCreateProfile">
               <input message="tns:OblixIDXMLInput"/>
               <output message="tns:OblixIDXMLOutput"/>
          </operation>
     </portType>
     <binding name="OblixIDXML_um_workflowSaveCreateProfile_Binding" type="tns:OblixIDXMLPortType">
          <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
          <operation name="OblixIDXML_um_workflowSaveCreateProfile">
               <soap:operation soapAction="http://www.oblix.com/"/>
               <input>
                    <soap:body use="literal"/>
               </input>
               <output>
                    <soap:body use="literal"/>
               </output>
          </operation>
     </binding>
</definitions>
I am using WSDL2 Java for generating the client code .
Please suggest where am I wrong .
E:\axis2-1.4\bin>WSDL2Java -uri E:\DIPPWF\um_workflowSaveCreateProfile.wsdl -p R
ND -d adb -s -o build\client--http-proxy-host 10.74.93.35 --http-proxy-port 80
Using AXIS2_HOME: E:\axis2-1.4
Using JAVA_HOME: C:\Program Files\Java\jdk1.6.0_02
Retrieving document at 'E:\DIPPWF\um_workflowSaveCreateProfile.wsdl'.
Retrieving document at 'um_workflowSaveCreateProfile_interface.wsdl', relative t
o 'file:/E:/DIPPWF/um_workflowSaveCreateProfile.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/common_parameters.xsd', relative to 'f
ile:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/common_authentication.xsd', relative t
o 'file:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/workflowSaveCreateProfile.xsd', relati
ve to 'file:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'navbar.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/workfl
owSaveCreateProfile.xsd'.
Retrieving schema at 'searchform.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/wo
rkflowSaveCreateProfile.xsd'.
Retrieving schema at 'component_basic.xsd', relative to 'file:/E:/DIPPWF/XMLSche
ma/workflowSaveCreateProfile.xsd'.
Retrieving schema at 'displaytype.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/c
omponent_basic.xsd'.
Retrieving schema at 'error.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/compone
nt_basic.xsd'.
Retrieving schema at 'component_workflowTicket.xsd', relative to 'file:/E:/DIPPW
F/XMLSchema/workflowSaveCreateProfile.xsd'.
Retrieving document at 'E:\DIPPWF\um_workflowSaveCreateProfile.wsdl'.
Retrieving document at 'um_workflowSaveCreateProfile_interface.wsdl', relative t
o 'file:/E:/DIPPWF/um_workflowSaveCreateProfile.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/common_parameters.xsd', relative to 'f
ile:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/common_authentication.xsd', relative t
o 'file:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'E:/DIPPWF/XMLSchema/workflowSaveCreateProfile.xsd', relati
ve to 'file:/E:/DIPPWF/um_workflowSaveCreateProfile_interface.wsdl'.
Retrieving schema at 'navbar.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/workfl
owSaveCreateProfile.xsd'.
Retrieving schema at 'searchform.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/wo
rkflowSaveCreateProfile.xsd'.
Retrieving schema at 'component_basic.xsd', relative to 'file:/E:/DIPPWF/XMLSche
ma/workflowSaveCreateProfile.xsd'.
Retrieving schema at 'displaytype.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/c
omponent_basic.xsd'.
Retrieving schema at 'error.xsd', relative to 'file:/E:/DIPPWF/XMLSchema/compone
nt_basic.xsd'.
Retrieving schema at 'component_workflowTicket.xsd', relative to 'file:/E:/DIPPW
F/XMLSchema/workflowSaveCreateProfile.xsd'.
*[ERROR] More than one part for message OblixIDXMLInput*
org.apache.axis2.description.WSDL11ToAxisServiceBuilder$WSDLProcessingException:
More than one part for message OblixIDXMLInput
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.addQNameRefer
ence(WSDL11ToAxisServiceBuilder.java:1162)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.addQNameRefer
ence(WSDL11ToAxisServiceBuilder.java:1085)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateBindi
ng(WSDL11ToAxisServiceBuilder.java:686)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateEndpo
int(WSDL11ToAxisServiceBuilder.java:538)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateEndpo
ints(WSDL11ToAxisServiceBuilder.java:489)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateServi
ce(WSDL11ToAxisServiceBuilder.java:363)
at org.apache.axis2.description.WSDL11ToAllAxisServicesBuilder.populateA
llServices(WSDL11ToAllAxisServicesBuilder.java:107)
at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerat
ionEngine.java:147)
at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35)
at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24)
Exception in thread "main" org.apache.axis2.wsdl.codegen.CodeGenerationException
: Error parsing WSDL
at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerat
ionEngine.java:153)
at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35)
at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24)
Caused by: org.apache.axis2.AxisFault: More than one part for message OblixIDXML
Input
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateServi
ce(WSDL11ToAxisServiceBuilder.java:397)
at org.apache.axis2.description.WSDL11ToAllAxisServicesBuilder.populateA
llServices(WSDL11ToAllAxisServicesBuilder.java:107)
at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerat
ionEngine.java:147)
... 2 more
Caused by: org.apache.axis2.description.WSDL11ToAxisServiceBuilder$WSDLProcessin
gException: More than one part for message OblixIDXMLInput
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.addQNameRefer
ence(WSDL11ToAxisServiceBuilder.java:1162)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.addQNameRefer
ence(WSDL11ToAxisServiceBuilder.java:1085)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateBindi
ng(WSDL11ToAxisServiceBuilder.java:686)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateEndpo
int(WSDL11ToAxisServiceBuilder.java:538)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateEndpo
ints(WSDL11ToAxisServiceBuilder.java:489)
at org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populateServi
ce(WSDL11ToAxisServiceBuilder.java:363).
Thanks in advance.
akshay

Hello,
Were you able to resolve this issue ?
I am seeing the same issue and at my wits end.
regards
Amit

Error 403.7 - Forbidden: SSL client certificate is required

Hi people!
I�m developing a java client to a WebService (developed in .NET). The communication protocol is HTTPS to the URL where the Web Service is located (something like https://10.200.140.117/dirNotes/serviceName.asmx.). I�ve been reading many posts but I could'nt find the solution to the problem wich has the following message: Error 403.7 - Forbidden: SSL client certificate is required".
I�m using JDK 1.5 and developing and testing on Windows Plataform. I'm able to access the URL specified above directly from the browser, I installed the client certificate (the same that �ve put into the ,jks keystore. I�ve also imported the whole certificate chain of the server to the cacerts.
I�ll paste the code and the console trace below. I�d be very grateful if you can help me. Thanks a lot.
_THE CODE_
package principal;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.Security;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import entidade.Certificado;
public class SSLClient {
private static final int PORT_NUMBER = 443;
private static final String HTTPS_ADDRESS = "10.200.140.117";
private static String strCabecalhoMsg = "";
private static String strDadosMsg = "";
public static void main(String[] args) throws Exception {
System.setProperty("javax.net.ssl.keyStore", Certificado.getStrNomeArquivoJKSServidor());
System.setProperty("javax.net.ssl.keyStorePassword", "senha");
System.setProperty("javax.net.ssl.trustStore", "Certificados/cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.debug","ssl,handshake,record");
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream(Certificado.getStrNomeArquivoJKSServidor()),
Certificado.getArranjoCharSenhaCertificadoServidor());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, Certificado.getArranjoCharSenhaCertificadoServidor());
KeyStore ksT = KeyStore.getInstance(KeyStore.getDefaultType());
ksT.load(new FileInputStream("C:/Arquivos de programas/Java/jre1.5.0_05/lib/security/cacerts"), "changeit".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ksT);
SSLContext sc = SSLContext.getInstance("SSLv3");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new java.security.SecureRandom());
SSLSocketFactory factory = sc.getSocketFactory();
try{
// method to load the values of the strings strCabecalhoMsg and strDadosMsg
carregarXMLCabecalhoDados();
SSLSocket socket =(SSLSocket)factory.createSocket(HTTPS_ADDRESS, PORT_NUMBER);
socket.startHandshake();
String [] arr = socket.getEnabledProtocols();
URL url = new URL("https://10.200.140.117/dirNotes");
HttpsURLConnection.setDefaultSSLSocketFactory(factory);
HttpsURLConnection urlc = (HttpsURLConnection) url.openConnection();
urlc.setDoInput(true);
urlc.setUseCaches(false);
Object[] params = {strCabecalhoMsg, strDadosMsg};
Service service = new Service();
Call call = (Call) service.createCall();
call.setTargetEndpointAddress(url);
call.setOperationName("serviceName");
String ret = (String) call.invoke(params);
System.out.println("Result: " + ret);
catch (UnknownHostException uhe) {
uhe.printStackTrace();
System.err.println(uhe);
catch (Exception uhe) {
uhe.printStackTrace();
System.err.println(uhe);
private static void carregarXMLCabecalhoDados()
try
BufferedReader input = new BufferedReader( new FileReader("notas/cabecalho.xml"));
String str;
while((str=input.readLine()) != null)
strCabecalhoMsg += str ;
System.out.println("Cabe�a: " + strCabecalhoMsg);
input = new BufferedReader( new FileReader("notas/nota.xml"));
while((str=input.readLine()) != null)
strDadosMsg += str ;
System.out.println("Nota: " + strDadosMsg);
catch (FileNotFoundException e)
// TODO Auto-generated catch block
e.printStackTrace();
catch (IOException e)
// TODO Auto-generated catch block
e.printStackTrace();
_THE TRACE_
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 BRT 1999 until Tue Jun 25 21:19:54 BRT 2019
*others trusted certs*
trigger seeding of SecureRandom
done seeding SecureRandom
export control - checking the cipher suites
export control - no cached value available...
export control - storing legal entry into cache...
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1198158630 bytes = { 48, 135, 53, 24, 112, 72, 104, 220, 27, 114, 37, 42, 25, 77, 224, 32, 12, 58, 90, 217, 232, 3, 104, 251, 93, 82, 40, 91 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 3953
*** ServerHello, TLSv1
RandomCookie: GMT: 1198158523 bytes = { 56, 166, 181, 215, 86, 245, 8, 55, 214, 108, 128, 50, 8, 11, 0, 209, 38, 62, 187, 185, 240, 231, 56, 161, 212, 111, 194, 79 }
Session ID: {222, 2, 0, 0, 147, 179, 182, 212, 18, 34, 199, 100, 168, 167, 48, 116, 140, 186, 151, 153, 226, 168, 163, 174, 24, 83, 208, 73, 179, 57, 86, 137}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
*many chains and related data*
Found trusted certificate:
Version: V3
Subject:
*many trusted certificates and related data*
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 117, 112, 233, 166, 240, 9, 226, 67, 53, 111, 194, 84, 124, 103, 197, 28, 17, 36, 32, 48, 145, 166, 161, 61, 30, 63, 153, 214, 137, 113, 222, 204, 138, 77, 212, 75, 65, 192, 159, 215, 69, 156, 47, 188, 179, 219 }
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 75 70 E9 A6 F0 09 E2 43 35 6F C2 54 7C 67 ..up.....C5o.T.g
0010: C5 1C 11 24 20 30 91 A6 A1 3D 1E 3F 99 D6 89 71 ...$ 0...=.?...q
0020: DE CC 8A 4D D4 4B 41 C0 9F D7 45 9C 2F BC B3 DB ...M.KA...E./...
CONNECTION KEYGEN:
Client Nonce:
0000: 47 6A 73 26 30 87 35 18 70 48 68 DC 1B 72 25 2A Gjs&0.5.pHh..r%*
0010: 19 4D E0 20 0C 3A 5A D9 E8 03 68 FB 5D 52 28 5B .M. .:Z...h.]R([
Server Nonce:
0000: 47 6A 73 BB 38 A6 B5 D7 56 F5 08 37 D6 6C 80 32 Gjs.8...V..7.l.2
0010: 08 0B 00 D1 26 3E BB B9 F0 E7 38 A1 D4 6F C2 4F ....&>....8..o.O
Master Secret:
0000: 0B 3A 71 F8 BB 79 5E 07 78 C2 5F 13 4F 92 9D 87 .:q..y^.x._.O...
0010: CF 69 0D 07 78 D2 59 46 1E C3 C1 5B A2 DB 04 B9 .i..x.YF...[....
0020: 42 60 92 48 59 8E FD FD C3 5B BD 00 9C 54 7A 7E B`.HY....[...Tz.
Client MAC write Secret:
0000: 33 7C 19 C4 75 D2 CE 82 39 98 37 E5 7D 20 CB B1 3...u...9.7.. ..
Server MAC write Secret:
0000: 1E 1E 48 C7 D4 77 23 E4 22 26 8B 98 2E 92 5C 95 ..H..w#."&....\.
Client write key:
0000: EE 05 39 76 B2 85 63 6C F7 70 30 CB 6D 08 07 54 ..9v..cl.p0.m..T
Server write key:
0000: 5C 2E 3B 5E DC D9 EC C5 04 C4 D5 B5 12 11 B9 08 \.;^............
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 143, 115, 243, 131, 242, 244, 12, 44, 191, 172, 205, 122 }
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data: { 231, 215, 37, 250, 177, 121, 111, 192, 11, 41, 1, 165 }
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : Certificados/certificadoSondaMonitor.jks
keyStore type is : JKS
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: Certificados\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 BRT 1999 until Tue Jun 25 21:19:54 BRT 2019
adding as trusted cert:
* many certificates*
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
export control - checking the cipher suites
export control - found legal entry in cache...
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1198158632 bytes = { 93, 1, 41, 236, 165, 146, 251, 117, 129, 195, 129, 72, 245, 181, 43, 48, 80, 251, 244, 198, 223, 85, 82, 101, 20, 159, 17, 26 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 3953
*** ServerHello, TLSv1
RandomCookie: GMT: 1198158525 bytes = { 109, 114, 234, 1, 130, 97, 251, 9, 61, 105, 56, 246, 239, 222, 97, 143, 22, 254, 65, 213, 10, 204, 153, 67, 237, 133, 223, 48 }
Session ID: {23, 30, 0, 0, 26, 129, 168, 21, 252, 107, 124, 183, 171, 228, 138, 227, 94, 17, 195, 213, 216, 233, 205, 2, 117, 16, 21, 65, 123, 119, 171, 109}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
many chains again
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 116, 247, 155, 227, 25, 25, 231, 129, 199, 76, 134, 222, 98, 69, 149, 224, 75, 6, 60, 121, 115, 216, 244, 246, 102, 92, 188, 64, 113, 56, 190, 43, 32, 51, 90, 254, 141, 184, 71, 48, 41, 29, 173, 180, 46, 116 }
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 74 F7 9B E3 19 19 E7 81 C7 4C 86 DE 62 45 ..t........L..bE
0010: 95 E0 4B 06 3C 79 73 D8 F4 F6 66 5C BC 40 71 38 ..K.<ys...f\.@q8
0020: BE 2B 20 33 5A FE 8D B8 47 30 29 1D AD B4 2E 74 .+ 3Z...G0)....t
CONNECTION KEYGEN:
Client Nonce:
0000: 47 6A 73 28 5D 01 29 EC A5 92 FB 75 81 C3 81 48 Gjs(].)....u...H
0010: F5 B5 2B 30 50 FB F4 C6 DF 55 52 65 14 9F 11 1A ..+0P....URe....
Server Nonce:
0000: 47 6A 73 BD 6D 72 EA 01 82 61 FB 09 3D 69 38 F6 Gjs.mr...a..=i8.
0010: EF DE 61 8F 16 FE 41 D5 0A CC 99 43 ED 85 DF 30 ..a...A....C...0
Master Secret:
0000: FC C9 75 A4 2B F1 8A D8 AD 16 27 70 B7 E4 64 6C ..u.+.....'p..dl
0010: 05 D7 33 4A 53 91 2F 51 1E 32 D3 3B 2E 18 2E BC ..3JS./Q.2.;....
0020: E4 16 EE 2F 01 A1 08 48 19 09 32 68 CE 69 8F B1 .../...H..2h.i..
Client MAC write Secret:
0000: F1 95 3B CE 06 5B 8A 9B EC DE 1C 8F B4 AB D9 36 ..;..[.........6
Server MAC write Secret:
0000: BF 52 36 48 63 24 FE 74 22 BE 00 99 BE F0 6E E5 .R6Hc$.t".....n.
Client write key:
0000: 9F 08 0A 6E 8F 54 A3 66 1C BC C7 6B AE 88 67 E0 ...n.T.f...k..g.
Server write key:
0000: 06 A1 0B 4F 69 DE 5F AF 0E 6B B5 04 ED E8 EA F5 ...Oi._..k......
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 148, 93, 105, 42, 110, 212, 55, 2, 150, 191, 13, 111 }
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data: { 171, 150, 45, 10, 99, 35, 67, 174, 35, 52, 23, 192 }
%% Cached client session: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
main, setSoTimeout(600000) called
main, WRITE: TLSv1 Application Data, length = 282
main, WRITE: TLSv1 Application Data, length = 8208
main, WRITE: TLSv1 Application Data, length = 1102
main, READ: TLSv1 Application Data, length = 1830
main, received EOFException: ignored
main, called closeInternal(false)
main, SEND TLSv1 ALERT: warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 18
main, called close()
main, called closeInternal(true)
AxisFault
faultCode: {http://xml.apache.org/axis/}HTTP
faultSubcode:
faultString: (404)Not Found
faultActor:
faultNode:
faultDetail:
     {}:return code: 404
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>The page cannot be found</h1>
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
<hr>
<p>Please try the following:</p>
<ul>
<li>Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.</li>
<li>If you reached this page by clicking a link, contact
the Web site administrator to alert them that the link is incorrectly formatted.
</li>
<li>Click the <a href="javascript:history.back(1)">Back</a> button to try another link.</li>
</ul>
<h2>HTTP Error 404 - File or directory not found.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>404</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>Web Site Setup</b>, <b>Common Administrative Tasks</b>, and <b>About Custom Error Messages</b>.</li>
</ul>
</TD></TR></TABLE></BODY></HTML>
     {http://xml.apache.org/axis/}HttpErrorCode:404
(404)Not Found
     at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:744)
     at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
     at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
     at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
     at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
     at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
     at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
     at org.apache.axis.client.Call.invoke(Call.java:2767)
     at org.apache.axis.client.Call.invoke(Call.java:2443)
     at org.apache.axis.client.Call.invoke(Call.java:2366)
     at org.apache.axis.client.Call.invoke(Call.java:1812)
     at principal.SSLClient.main(SSLClient.java:86)
(404)Not Found
-----

I'm having the same problem with the same URL. I try many configuration and nothing works. My code is:
public class NFeClient {
     static{
          Security.addProvider(new BouncyCastleProvider());
     public static void main(final String[] args) throws Exception {
          final String path = "https://homologacao.nfe.sefaz.rs.gov.br/ws/nfeconsulta/nfeconsulta.asmx";
          final String keyStoreProvider = "BC";
          final String keyStoreType = "PKCS12";
          final String keyStore = "/home/mendes/certificados/cert.p12";
          final String keyStorePassword = "xxxx";
          System.setProperty("javax.net.ssl.keyStoreProvider",keyStoreProvider);
          System.setProperty("javax.net.ssl.keyStoreType",keyStoreType);
          System.setProperty("javax.net.ssl.keyStore",keyStore);
          System.setProperty("javax.net.ssl.keyStorePassword",keyStorePassword);
          System.setProperty("javax.net.ssl.trustStore","/home/mendes/workspace/NFE/jssecacerts");
          final SSLContext context = SSLContext.getInstance("TLS");
          final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
          final KeyStore ks = KeyStore.getInstance(keyStoreType);
          ks.load(new FileInputStream(keyStore), keyStorePassword.toCharArray());
          kmf.init(ks, keyStorePassword.toCharArray());
          context.init(kmf.getKeyManagers(), null, null);
          final URL url = new URL(path);
          final HttpsURLConnection httpsConnection = (HttpsURLConnection) url.openConnection();
          httpsConnection.setDoInput(true);
          httpsConnection.setRequestMethod("GET");
          httpsConnection.setRequestProperty("Host", "iis-server");
          httpsConnection.setRequestProperty("UserAgent", "Mozilla/4.0");
          httpsConnection.setSSLSocketFactory(context.getSocketFactory());
          try{
               final InputStream is = httpsConnection.getInputStream();
               final byte[] buff = new byte[1024];
               int readed;
               while((readed = is.read(buff)) > 0)
                    System.out.write(buff,0,readed);
          }catch(final IOException ioe){
               ioe.printStackTrace();
}and the response of the server is always the same:
java.io.IOException: Server returned HTTP response code: 403 for URL: https://homologacao.nfe.sefaz.rs.gov.br/ws/nfeconsulta/nfeconsulta.asmx
     at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1241)
     at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
     at br.com.esales.nfe.signer.client.NFeClient.main(NFeClient.java:60)Edited by: mendes on Apr 25, 2008 9:56 AM

SSL Client example from dev2dev

Bruce,
I still have some questions unaswered.
1. Is there any "default" list of trusted CA that is used during handshake?
The SSLClient example does not have any references to trusted CA files. The
weblogic.webservice.client.ssl.trustedcerts property returns null. What
trusted CA is used in the SSLClient example? Considering the plural name of
the property, should it contain only one file name, or it can contain
several file names? Order? Delimiter?
2. I copied the SSL setup code from SSLClient to my own web service client,
but it does not work. My web service is made of stateless session bean, and
wsdl is generated dynamically. Is it possible, that certain wsdl settings
could affect handshake process? Maybe I need to copy certain wsdl tags from
the example?
3. What username/password should I use in IE when "Enter network password"
dialog is presented? The combination used to start weblogic server does not
work. The same combination works for non-SSL client. Why?
Thanks,
Michael J.
"Bruce Stephens" <[email protected]> wrote in message
news:[email protected]...
Hi Michael,
Thanks for the good feedback and this will be incorporated into a revised
example.
Concerning your questions toward the end, to set the list of trusted CA
certificates, you need the CA certificate in a file and you need to setthis
System property to the filename:
weblogic.webservice.client.ssl.trustedcerts
To turn off strict hostname checking during certificate validation, youneed to
set this property to "false":
weblogic.webservice.client.ssl.strictcertchecking
Thanks again,
Bruce
Michael Jouravlev wrote:
Bruce,
here are some issues that I wish you could help me with.
1) package.html from the simpleSSL example is outdated. The links posted
here do not work. Considering "Please pay careful attention" phrase I am
a
little bit worried if I missed something in my SSL configuration.
=== cut here ===
You must first setup and verify your WLS SSL configuration.
1. Set up your development shell as described in Quick Start.
2. Startup the WebLogic Server.
3. Monitor the log file for any errors.
4. Use the console and configure the WebLogic Service security asdescribed
by:
http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1052258
Please pay careful attention to this step, especially concerning theSSL
protocol configuration:
http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1067988
=== cut here ===
I use the following information:
1. http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1127954 to
configure
server-wide SSL setup
2. http://edocs.bea.com/wls/docs70/webserv/security.html#1052043 to
configure web service-related SSL setup.
2) In "Setup and verify the toUpper WebService" chapter the linksentitled
http://localhost:7001/toUpper/toUpper and
http://localhost:7001/toUpper/toUpper?WSDL are wrong. Not a big deal,
but
maybe you would like to correct this.
3) Now the real issue: in the step (8), the "IMPORTANT STEP", when I tryto
connect to https://localhost:7002/toUpper/toUpper , I receive the
"Security
Alert" dialog (I am using IE5) that there is a problem with security
certificate: name of the certificate does not match the name of thesite. It
is OK, because it is demo certificate. (Should I do "View
Certificate/Install Certificate" to proceed successfully or just to say
"Yes" in the "Security Alert" window?). Anyway, I say "Yes", I do wantto
proceed. In the next window is "Do you want to display nonsecure items?"I
say "yes" and I am brought to the the test page. Now, when I try to testthe
service, I click on "toUpper" link and am presented with sample text and
"Invoke" button.
And when I press "Invoke" I am presented with a dialog window "Enternetwork
password" containing: Site: localhost, Realm: default, User name:
<blank>, Password: <blank>. So, the first serious issue is: what username
and password should I use? I tried username and password that I used to
start the server in set WLS_USER=<username> and set WLS_PW=<password> in
startWebLogic.cmd file. Does not work. "weblogic"/"weblogic" does notwork
either. What should I submit??? I did not change any security setting inmy
WebLogic server aside of SSL settings (all this realm stuff is greek tome.)
>>
After "Enter network password" dialog fails to verify a user, I get apage
with the following text: "Failed to retrieve WSDL from
https://localhost:7002/toUpper/toUpper?WSDL. Please check the URL and
the
protocol: Write Channel Closed, possible SSL handshaking or trustfailure"
>>
Interesting enough, if I try to go directly to the link
https://localhost:7002/toUpper/toUpper?WSDL , I get WSDL without any
problem
and without any password windows. What is happening here?
4) OK, I still want to run the Client. I modified ToUpperPort_Stub.javain
order for it to be compiled. I changed super( _port,ToUpperPort.class );
to super( _port ); I am using WL7.0 GA and I am not sure, is the callthat I
changed comes from the earlier Beta versions or from 7.0.0.1. Anyway,the
original code does not work on 7.0GA. I successfully did run both Mainand
Main2 without username/password and with it. I also usedusername/password
from startWebLogic.cmd file and they worked. Why they do not work when Itry
to call test page from web browser?
5) Finally I compiled and did run the SSLClient. It worked. But the
questions here are:
BEA_HOME environment variable is not defined, and WebLogic SSL
implementation is used. How licence.bea was found while running theclient?
When I tried to build my own client, I got a message that I license fileis
needed. Or is it needed only if the client library webservices+ssl.jaris
used?
The most important question: What trusted CA is used by client and how
client finds it? No certificates are in the SSLClient directory and no
property settings telling where to find it. It is a puzzle for my why it
works here and why my own client does not work when the CA is supplied.
Thank you,
Michael J.

Hi Michael,
I've asked our security folks to help answer your questions. The
weblogic.webservice.client.ssl.trustedcertfile file (located on the client
application computer) contains the certificates of CA (certificate authority).
The CAs are trusted to issue WebLogic Server certificates. The file can also
contain certificates that you trust directly. The file contains a collection of
PEM-encoded certificates. See:
http://e-docs.bea.com/wls/docs70/webserv/security.html#1056434
There shouldn't be any WSDL changes/tags required.
HTHs,
Bruce
Michael Jouravlev wrote:
Bruce,
I still have some questions unaswered.
1. Is there any "default" list of trusted CA that is used during handshake?
The SSLClient example does not have any references to trusted CA files. The
weblogic.webservice.client.ssl.trustedcerts property returns null. What
trusted CA is used in the SSLClient example? Considering the plural name of
the property, should it contain only one file name, or it can contain
several file names? Order? Delimiter?
2. I copied the SSL setup code from SSLClient to my own web service client,
but it does not work. My web service is made of stateless session bean, and
wsdl is generated dynamically. Is it possible, that certain wsdl settings
could affect handshake process? Maybe I need to copy certain wsdl tags from
the example?
3. What username/password should I use in IE when "Enter network password"
dialog is presented? The combination used to start weblogic server does not
work. The same combination works for non-SSL client. Why?
Thanks,
Michael J.
"Bruce Stephens" <[email protected]> wrote in message
news:[email protected]...
Hi Michael,
Thanks for the good feedback and this will be incorporated into a revised
example.
Concerning your questions toward the end, to set the list of trusted CA
certificates, you need the CA certificate in a file and you need to setthis
System property to the filename:
weblogic.webservice.client.ssl.trustedcerts
To turn off strict hostname checking during certificate validation, youneed to
set this property to "false":
weblogic.webservice.client.ssl.strictcertchecking
Thanks again,
Bruce
Michael Jouravlev wrote:
Bruce,
here are some issues that I wish you could help me with.
1) package.html from the simpleSSL example is outdated. The links posted
here do not work. Considering "Please pay careful attention" phrase I am
a
little bit worried if I missed something in my SSL configuration.
=== cut here ===
You must first setup and verify your WLS SSL configuration.
1. Set up your development shell as described in Quick Start.
2. Startup the WebLogic Server.
3. Monitor the log file for any errors.
4. Use the console and configure the WebLogic Service security asdescribed
by:
http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1052258
Please pay careful attention to this step, especially concerning theSSL
protocol configuration:
http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1067988
=== cut here ===
I use the following information:
1. http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1127954 to
configure
server-wide SSL setup
2. http://edocs.bea.com/wls/docs70/webserv/security.html#1052043 to
configure web service-related SSL setup.
2) In "Setup and verify the toUpper WebService" chapter the linksentitled
http://localhost:7001/toUpper/toUpper and
http://localhost:7001/toUpper/toUpper?WSDL are wrong. Not a big deal,
but
maybe you would like to correct this.
3) Now the real issue: in the step (8), the "IMPORTANT STEP", when I tryto
connect to https://localhost:7002/toUpper/toUpper , I receive the
"Security
Alert" dialog (I am using IE5) that there is a problem with security
certificate: name of the certificate does not match the name of thesite. It
is OK, because it is demo certificate. (Should I do "View
Certificate/Install Certificate" to proceed successfully or just to say
"Yes" in the "Security Alert" window?). Anyway, I say "Yes", I do wantto
proceed. In the next window is "Do you want to display nonsecure items?"I
say "yes" and I am brought to the the test page. Now, when I try to testthe
service, I click on "toUpper" link and am presented with sample text and
"Invoke" button.
And when I press "Invoke" I am presented with a dialog window "Enternetwork
password" containing: Site: localhost, Realm: default, User name:
<blank>, Password: <blank>. So, the first serious issue is: what username
and password should I use? I tried username and password that I used to
start the server in set WLS_USER=<username> and set WLS_PW=<password> in
startWebLogic.cmd file. Does not work. "weblogic"/"weblogic" does notwork
either. What should I submit??? I did not change any security setting inmy
WebLogic server aside of SSL settings (all this realm stuff is greek tome.)
After "Enter network password" dialog fails to verify a user, I get apage
with the following text: "Failed to retrieve WSDL from
https://localhost:7002/toUpper/toUpper?WSDL. Please check the URL and
the
protocol: Write Channel Closed, possible SSL handshaking or trustfailure"
Interesting enough, if I try to go directly to the link
https://localhost:7002/toUpper/toUpper?WSDL , I get WSDL without any
problem
and without any password windows. What is happening here?
4) OK, I still want to run the Client. I modified ToUpperPort_Stub.javain
order for it to be compiled. I changed super( _port,ToUpperPort.class );
to super( _port ); I am using WL7.0 GA and I am not sure, is the callthat I
changed comes from the earlier Beta versions or from 7.0.0.1. Anyway,the
original code does not work on 7.0GA. I successfully did run both Mainand
Main2 without username/password and with it. I also usedusername/password
from startWebLogic.cmd file and they worked. Why they do not work when Itry
to call test page from web browser?
5) Finally I compiled and did run the SSLClient. It worked. But the
questions here are:
BEA_HOME environment variable is not defined, and WebLogic SSL
implementation is used. How licence.bea was found while running theclient?
When I tried to build my own client, I got a message that I license fileis
needed. Or is it needed only if the client library webservices+ssl.jaris
used?
The most important question: What trusted CA is used by client and how
client finds it? No certificates are in the SSLClient directory and no
property settings telling where to find it. It is a puzzle for my why it
works here and why my own client does not work when the CA is supplied.
Thank you,
Michael J.

Providing Certificate while generating a SSL client from wcf

Similar Messages

Maybe you are looking for