Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Newcomers » Newcomers » Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator.Vali
Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator.Vali [message #1728654] Wed, 06 April 2016 09:45 Go to next message
Awanthika Senarath is currently offline Awanthika SenarathFriend
Messages: 8
Registered: November 2014
Junior Member
Hi all,

We have a eclipse plugin which performs a connection request to a remote server.

This plugin is working fine in Eclipse Luna.

We migrated the same source code to Eclipse Mars, (no changes in code level) and when we try to perform the connection we get a runtime exception with the following stack trace :[1] . Is this some


[1] org.apache.axis2.AxisFault: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:78)
at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:630)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)

................................
at org.eclipse.swt.widgets.TypedListener.handleEvent(TypedListener.java:248)
at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)
at org.eclipse.swt.widgets.Display.sendEvent(Display.java:4481)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1329)
at org.eclipse.swt.widgets.Display.runDeferredEvents(Display.java:3819)
at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3430)
at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine$4.run(PartRenderingEngine.java:1127)
at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:337)
at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine.run(PartRenderingEngine.java:1018)
at org.eclipse.e4.ui.internal.workbench.E4Workbench.createAndRunUI(E4Workbench.java:156)
at org.eclipse.ui.internal.Workbench$5.run(Workbench.java:694)
at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:337)
at org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:606)
at org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:150)
at org.eclipse.ui.internal.ide.application.IDEApplication.start(IDEApplication.java:139)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:134)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:104)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:380)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:235)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:669)
at org.eclipse.equinox.launcher.Main.basicRun(Main.java:608)
at org.eclipse.equinox.launcher.Main.run(Main.java:1515)
at org.eclipse.equinox.launcher.Main.main(Main.java:1488)
Caused by: com.ctc.wstx.exc.WstxIOException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.ctc.wstx.sw.BaseStreamWriter._finishDocument(BaseStreamWriter.java:1406)
at com.ctc.wstx.sw.BaseStreamWriter.close(BaseStreamWriter.java:247)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.close(MTOMXMLStreamWriter.java:188)
at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:197)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:74)
... 48 more
Caused by: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1541)
at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1553)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:103)
at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:225)
at com.ctc.wstx.sw.BufferingXmlWriter.close(BufferingXmlWriter.java:198)
at com.ctc.wstx.sw.BaseStreamWriter._finishDocument(BaseStreamWriter.java:1404)
... 52 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:103)
at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:225)
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:259)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:198)
at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:91)
at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerialize(OMSourcedElementImpl.java:691)
at org.apache.axiom.om.impl.util.OMSerializerUtil.serializeChildren(OMSerializerUtil.java:562)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:875)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.serializeInternally(SOAPEnvelopeImpl.java:283)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:245)
at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:193)
... 49 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
... 70 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 76 more

Report message to a moderator

Re: Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator. [message #1728666 is a reply to message #1728654] Wed, 06 April 2016 11:28 Go to previous messageGo to next message
Tauno Voipio is currently offline Tauno VoipioFriend
Messages: 742
Registered: August 2014
Senior Member
There are not enough details, but an educated guess is that you're attempting to connect to a HTTPS (SSL/HTTP) server, and the new installation does not have required certificates or root certificate path properly installed.

The connection is shutdown because the secure connection cannot be established.

--

Tauno Voipio

Report message to a moderator

Re: Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator. [message #1728669 is a reply to message #1728666] Wed, 06 April 2016 11:36 Go to previous messageGo to next message
Awanthika Senarath is currently offline Awanthika SenarathFriend
Messages: 8
Registered: November 2014
Junior Member
Thanks for the reply,


There are not enough details, but an educated guess is that you're attempting to connect to a HTTPS (SSL/HTTP) server, and the new installation does not have required certificates or root certificate path properly installed.

Yes , your guess is correct.


The problem is the same code works perfectly in eclipse Luna, but fails in Eclipse mars. Do we need to do anything more than what we do in Luna to have " required certificates or root certificate path properly installed" ?

Report message to a moderator

Re: Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator. [message #1728692 is a reply to message #1728669] Wed, 06 April 2016 13:21 Go to previous messageGo to next message
Tauno Voipio is currently offline Tauno VoipioFriend
Messages: 742
Registered: August 2014
Senior Member
Awanthika Senarath wrote on Wed, 06 April 2016 14:36
Thanks for the reply,


There are not enough details, but an educated guess is that you're attempting to connect to a HTTPS (SSL/HTTP) server, and the new installation does not have required certificates or root certificate path properly installed.

Yes , your guess is correct.

The problem is the same code works perfectly in Eclipse Luna, but fails in Eclipse Mars. Do we need to do anything more than what we do in Luna to have " required certificates or root certificate path properly installed" ?


Again, there are not enough details, but firstly, you should learn about SSL setup.

Some of the questions are:

- Is the server in a publicly-known certifying chain?
- Does the server need client identification (certificate)?
- How is the Luna setup and the server matched together?

You did not tell the plugin, but a guess is Apache Axis2. Go and check its documentation, and access Apache support if there is no success that way.

--

Tauno Voipio

Report message to a moderator

Re: Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator. [message #1728693 is a reply to message #1728692] Wed, 06 April 2016 13:25 Go to previous messageGo to next message
Awanthika Senarath is currently offline Awanthika SenarathFriend
Messages: 8
Registered: November 2014
Junior Member
No Message Body

Report message to a moderator

Re: Eclipse Mars SSL connection issue : javax.net.ssl.SSLHandshakeException: sun.security.validator. [message #1728697 is a reply to message #1728693] Wed, 06 April 2016 13:35 Go to previous message
Awanthika Senarath is currently offline Awanthika SenarathFriend
Messages: 8
Registered: November 2014
Junior Member
Hello,

We debugged and figured out that the issue is with the scope of the system properties that are being set in our code are not visible to other JVMs which creates the SSL connection to the remote server.

We have set the following system properties in the code :

-Djavax.net.ssl.trustStoreType=JKS
-Djavax.net.ssl.trustStore=/home/awanthika/WSO2/wso2-products/wso2esb-4.9.0/repository/resources/security/wso2carbon.jks
-Djavax.net.ssl.trustStorePassword=wso2carbon

from code :
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStore", "/home/awanthika/WSO2/wso2-products/wso2esb-4.9.0/repository/resources/security/wso2carbon.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");

which caused the SSL error.

But when I gave them as run configuration argument parameters in Eclipse self host Run Configurations it works perfectly.

Regards
Awanthika

Report message to a moderator

Previous Topic:Embedded Jetty - Adding Context after starting Jetty Server
Next Topic:External terminal
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Apr 26 05:52:44 GMT 2024

Powered by FUDForum. Page generated in 0.08284 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly