Solution:
From the browser
1. Export public key of the cert to base64 .cer
2. Export intermediate root CA's certificate e.g. SDN base64.cer file
3. Export root CA certificate to Base64 .cer
4. Import all of the above .cer files into the trust store (both in the server and client if mutual authentication is used.)
Feb 17, 2009 4:47:06 PM [com.sun.xml.ws.policy.jaxws.PolicyConfigParser] parse
INFO: WSP1049: Loaded WSIT configuration from file: file:/C:/PHIN-SRM/container/webapps/WSRM_Client/WEB-INF/classes/META-INF/wsit-client.xml
Feb 17, 2009 4:47:16 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl validate
SEVERE: WSS1518: Failed to validate certificate
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:195)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
at com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl.validate(DefaultCallbackHandler.java:1572)
at com.sun.xml.wss.impl.callback.CertificateValidationCallback.getResult(CertificateValidationCallback.java:80)
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateCertificate(DefaultSecurityEnvironmentImpl.java:700)
at com.sun.xml.ws.security.opt.impl.incoming.X509BinarySecurityToken.validate(X509BinarySecurityToken.java:186)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:400)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:280)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:222)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:438)
at com.sun.xml.wss.jaxws.impl.SecurityServerTube.processRequest(SecurityServerTube.java:206)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doGet(WSServletDelegate.java:129)
at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doPost(WSServletDelegate.java:160)
at com.sun.xml.ws.transport.http.servlet.WSServlet.doPost(WSServlet.java:75)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Feb 17, 2009 4:47:17 PM [com.sun.xml.ws.rm.runtime.ClientSession] processOutgoingPacket
WARNING: WSRM1106: Attempt to initiate RM session failed with an exception
javax.xml.ws.soap.SOAPFaultException: Path does not chain with any of the trust anchors
at com.sun.xml.ws.security.secconv.WSSCPlugin.sendRequest(WSSCPlugin.java:431)
at com.sun.xml.ws.security.secconv.WSSCPlugin.process(WSSCPlugin.java:260)
at com.sun.xml.ws.security.secconv.impl.client.SCTokenProviderImpl.issue(SCTokenProviderImpl.java:129)
at com.sun.xml.ws.api.security.trust.client.IssuedTokenManager.getIssuedToken(IssuedTokenManager.java:79)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.startSecureConversation(SecurityClientTube.java:460)
at com.sun.xml.ws.rm.runtime.ProtocolCommunicator.tryStartSecureConversation(ProtocolCommunicator.java:103)
at com.sun.xml.ws.rm.runtime.ClientSession.initializeIfNecessary(ClientSession.java:255)
at com.sun.xml.ws.rm.runtime.ClientSession.processOutgoingPacket(ClientSession.java:157)
at com.sun.xml.ws.rm.runtime.RmClientTube.processRequest(RmClientTube.java:123)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
at com.sun.xml.ws.client.Stub.process(Stub.java:222)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
at $Proxy74.receiveMessage(Unknown Source)
at gov.cdc.wsigrid.wsrm.WsrmClientServlet.processRequest(WsrmClientServlet.java:215)
at gov.cdc.wsigrid.wsrm.WsrmClientServlet.doPost(WsrmClientServlet.java:277)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Feb 17, 2009 4:47:17 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl validate
SEVERE: WSS1518: Failed to validate certificate
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:195)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
at com.sun.xml.wss.impl
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment