BC-SOAP et HTTPS

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

BC-SOAP et HTTPS

theirman
Bonjour,

  Je rencontre un souci quand à l'utilisation du BC-SOAP avec le protocole HTTPS.
  Lors de l'invocation de mon service de test, j'obtiens l'erreur SOAP suivante et je ne sais ni ce qui génère cette erreur ni comment la corriger. Avez-vous une idée de la provenance de cette erreur et de la manière d'y remédier ?

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <soapenv:Fault>
         <faultcode>soapenv:Server</faultcode>
         <faultstring>org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
	at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
	at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
	at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
	at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:557)
	at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
	at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:438)
	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.PetalsServiceClient.sendReceive(PetalsServiceClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.SOAPCaller.call(SOAPCaller.java:263)
	at org.ow2.petals.binding.soap.listener.outgoing.JBIListener.onJBIMessage(JBIListener.java:72)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:664)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processAsProvider(MessageExchangeProcessor.java:404)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.process(MessageExchangeProcessor.java:259)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.run(MessageExchangeProcessor.java:190)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)
	at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:89)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
	... 26 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
	at sun.security.validator.Validator.validate(Validator.java:218)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	at org.apache.commons.httpclient.contrib.ssl.AuthSSLX509TrustManager.checkServerTrusted(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
	... 36 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
	... 42 more</faultstring>
         <faultactor>http://petals.ow2.org/petals-bc-soap</faultactor>
         <detail>
            <stackTrace>org.ow2.petals.component.framework.api.exception.SOAP11FaultServerException: org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
	at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
	at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
	at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
	at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:557)
	at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
	at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:438)
	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.PetalsServiceClient.sendReceive(PetalsServiceClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.SOAPCaller.call(SOAPCaller.java:263)
	at org.ow2.petals.binding.soap.listener.outgoing.JBIListener.onJBIMessage(JBIListener.java:72)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:664)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processAsProvider(MessageExchangeProcessor.java:404)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.process(MessageExchangeProcessor.java:259)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.run(MessageExchangeProcessor.java:190)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)
	at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:89)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
	... 26 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
	at sun.security.validator.Validator.validate(Validator.java:218)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	at org.apache.commons.httpclient.contrib.ssl.AuthSSLX509TrustManager.checkServerTrusted(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
	... 36 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
	... 42 more

	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:687)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processAsProvider(MessageExchangeProcessor.java:404)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.process(MessageExchangeProcessor.java:259)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.run(MessageExchangeProcessor.java:190)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
Caused by: javax.jbi.messaging.MessagingException: org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
	at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
	at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
	at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
	at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:557)
	at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
	at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
	at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:438)
	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.PetalsServiceClient.sendReceive(PetalsServiceClient.java:165)
	at org.ow2.petals.binding.soap.listener.outgoing.SOAPCaller.call(SOAPCaller.java:263)
	at org.ow2.petals.binding.soap.listener.outgoing.JBIListener.onJBIMessage(JBIListener.java:72)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:664)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processAsProvider(MessageExchangeProcessor.java:404)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.process(MessageExchangeProcessor.java:259)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.run(MessageExchangeProcessor.java:190)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)
	at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:89)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
	at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:94)
	... 26 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
	at sun.security.validator.Validator.validate(Validator.java:218)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	at org.apache.commons.httpclient.contrib.ssl.AuthSSLX509TrustManager.checkServerTrusted(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
	... 36 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
	... 42 more

	at org.ow2.petals.binding.soap.listener.outgoing.SOAPCaller.call(SOAPCaller.java:329)
	at org.ow2.petals.binding.soap.listener.outgoing.JBIListener.onJBIMessage(JBIListener.java:72)
	at org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:664)
	... 6 more</stackTrace>
         </detail>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>

Ma configuration actuelle :
  - Petals ESB 4.1
  - BC-SOAP 4.2

J'ai configuré le jbi.xml du composant BC-SOAP de la manière suivante :
[...]
<soap:http-port xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">8084</soap:http-port>
<soap:http-host xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<soap:http-services-list xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">true</soap:http-services-list>
<soap:http-services-context xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">petals</soap:http-services-context>
<soap:http-services-mapping xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">services</soap:http-services-mapping>
<soap:http-thread-pool-size-min xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">2</soap:http-thread-pool-size-min>
<soap:http-thread-pool-size-max xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">50</soap:http-thread-pool-size-max>
<soap:http-acceptors xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">4</soap:http-acceptors>
<soap:ws-clients-pool-size-max xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<soap:https-enabled xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">true</soap:https-enabled>
<soap:https-port xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">8083</soap:https-port>
<soap:https-keystore-type xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">JKS</soap:https-keystore-type>
<soap:https-keystore-file xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">/usr/apps/petals/petals-esb-4.1/https/keystore.jks</soap:https-keystore-file>
<soap:https-keystore-password xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">7rlYHmrW8yTDanbH</soap:https-keystore-password>
<soap:https-key-password xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">7rlYHmrW8yTDanbH</soap:https-key-password>
<soap:https-truststore-type xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">JKS</soap:https-truststore-type>
<soap:https-truststore-file xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">/usr/apps/petals/petals-esb-4.1/https/truststore.jks</soap:https-truststore-file>
<soap:https-truststore-password xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">7rlYHmrW8yTDanbH</soap:https-truststore-password>
<soap:https-client-authentication-enabled xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
[...]

J'ai configuré le jbi.xml du SU provide de la manière suivante :
<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi xmlns:cdk5="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:ws="http://ws/" version="1.0">
  <jbi:services binding-component="true">
    <jbi:provides endpoint-name="SivolServiceImplPort" interface-name="ws:SivolServiceImpl" service-name="ws:SivolService">
      
      <cdk5:timeout>30000</cdk5:timeout>
      <cdk5:validate-wsdl>true</cdk5:validate-wsdl>
      <cdk5:forward-security-subject>false</cdk5:forward-security-subject>
      <cdk5:forward-message-properties>false</cdk5:forward-message-properties>
      <cdk5:forward-attachments>false</cdk5:forward-attachments>
      <cdk5:wsdl>SivolService.wsdl</cdk5:wsdl>
      
      <soap:address>https://ganimed.inra.fr:8181/SivolWs/SivolService</soap:address>
      <soap:soap-version>1.1</soap:soap-version>
      <soap:chunked-mode>false</soap:chunked-mode>
      <soap:cleanup-transport>true</soap:cleanup-transport>
      <soap:mode>SOAP</soap:mode>

      <soap:https-truststore-file>/apps/petals/petals-esb-4.1/https/truststore.jks</soap:https-truststore-file>
	  <soap:https-truststore-password>7rlYHmrW8yTDanbH</soap:https-truststore-password>      
      <soap:https-keystore-file>/apps/petals/petals-esb-4.1/https/keystore.jks</soap:https-keystore-file>
	  <soap:https-keystore-password>7rlYHmrW8yTDanbH</soap:https-keystore-password>      
	  
    </jbi:provides>
  </jbi:services>
</jbi:jbi>

J'ai configuré le jbi.xml du SU consume de la manière suivante :
<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cdk5="http://petals.ow2.org/components/extensions/version-5" xmlns:jbi="http://java.sun.com/xml/ns/jbi" xmlns:soap="http://petals.ow2.org/components/soap/version-4" xmlns:ws="http://ws/" version="1.0">
  <jbi:services binding-component="true">
    <jbi:consumes interface-name="ws:SivolServiceImpl" service-name="ws:SivolService">

      <cdk5:timeout>30000</cdk5:timeout>
      <cdk5:mep xsi:nil="true"/>

      <soap:service-name>SivolService</soap:service-name>
      <soap:mode>SOAP</soap:mode>
      <soap:enable-http-transport>true</soap:enable-http-transport>
      <soap:enable-https-transport>true</soap:enable-https-transport>
      <soap:enable-jms-transport>false</soap:enable-jms-transport>

    </jbi:consumes>
  </jbi:services>
</jbi:jbi>

Voici le contenu de mon répertoire https :
 - un certificat petals.cer
 - un keystore keystore.jkscontenant uniquement ce certificat
 - un truststore truststore.jkscontenant uniquement ce certificat
drwxr-xr-x  2 petals-user petals-adm 4096 20 févr. 10:44 .
drwxr-xr-x 15 petals-user petals-adm 4096 20 févr. 10:42 ..
-rw-r--r--  1 petals-user petals-adm 1355 20 févr. 10:42 keystore.jks
-rw-r--r--  1 petals-user petals-adm  837 20 févr. 10:42 petals.cer
-rw-r--r--  1 petals-user petals-adm  647 20 févr. 10:42 truststore.jks
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

Christophe DENEUX
Administrator
Bonjour,

Pour commencer, l'erreur se produit au niveau de la SU provide du BC Soap, lors de l'appel du web-service externe.

Il semblerait que l'erreur indiquée correspondent à un problème de certificat: http://www.developpez.net/forums/d922760/java/general-java/apis/securite/erreur-suncertpathbuilderexception-unable-to-find-valid-certification-path-to-request/

Si tel est bien le problème, il devrait se passer plus ou moins la même chose en invoquant le webservice externe avec SoapUI et la même configuration SSL. Peux-tu faire cette vérification ?
Christophe DENEUX
Petals ESB Architect
Linagora
Twitter: @ChrisDENEUX
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

theirman
Le premier test que j'ai fais (et dont tu as la trace ci-dessus) est justement un test en utilisant SoapUI

En invoquant directement le WS sur le serveur Glassfish, j'ai une réponse correcte (mais du coup, cela n'utilise pas la config SSL de Petals)
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

Christophe DENEUX
Administrator
Afin d'éliminer un conflit de configuration entre les deux cotés du BC SOAP 'consume' et 'provide', peux-tu:
- modifier la configuration du composant pour ne pas activer de SSL,
- modifier la configuration de la SU consume pour supprimer ce qui est relatif à SSL
Est ce toujours la même erreur ?
Christophe DENEUX
Petals ESB Architect
Linagora
Twitter: @ChrisDENEUX
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

theirman
Test 1 :
  - Reconfiguration du BC-SOAP (soap:https-enabled = false)
  - SU consume inchangé (soap:enable-https-transport = true)
Résultat : erreur identique

Test 2 :
  - Reconfiguration du BC-SOAP (soap:https-enabled = false)
  - Reconfiguration du SU consume (soap:enable-https-transport = false)
Résultat : erreur identique

Test 3 :
  - BC-SOAP inchangé (soap:https-enabled = true)
  - Reconfiguration du SU consume (soap:enable-https-transport = false)
Résultat : erreur identique
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

theirman
Pensant que cela pouvait venir du certificat en lui-même, j'ai généré un nouveau certificat. Mais je me retrouve tjrs avec cette même erreur.
Reply | Threaded
Open this post in threaded view
|

Re: BC-SOAP et HTTPS

Christophe DENEUX
Administrator
N'ayant aucune idée d'où peut venir ton erreur, je te propose te repartir à zéro puis d'activer pas à pas le SSL:
1/ Peux-tu commencer par récréer ton use case sans aucun paramétrage SSL, ie. aucun paramètre SSL dans les SU et dans la config des composants, suppression de ton répertoire 'https' ?
2/ Ensuite, peux-tu recréer tes certificats, keystore et trustore, en m'indiquant comment tu les as généré (en gros les lignes de commandes que tu as utilisé)
3/ Ensuite, activation du SSL uniquement sur la partie 'provide'
4/ Et pour finir, activation du SSL sur la partie 'consume' (le composant).
Christophe DENEUX
Petals ESB Architect
Linagora
Twitter: @ChrisDENEUX