FMS | ||
---|---|---|
<<< Previous | Frequently Asked Questions | Next >>> |
When trying to send a message with the client process I get the following response
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The client has received an SSL certificate chain that it does not recognise. This implies that the certificate validation path does not exist in the default cacerts java keystore. If the certificate exists in the client keystore then try re-sending with the '-st' command line switch set to the client keystore.
When trying to send a message with the client process I get the following response
\ \com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection post \SEVERE: SAAJ0009: Message send failed \SOAP Error: : com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed: \sun.security.validator.ValidatorException: PKIX path building failed: \sun.security.provider.certpath.SunCertPathBuilderException: \ \ unable to find valid certification path to requested target: \ \ |
Export the server certificate and install it on the client. See the Section called Keystore Configuration in the Chapter called Installation for further details on this.
How do I define the security context file as required by the as4 client?
The client security context as set using the '-sc security.xml' command line option determines the signing and encryption security of any sent messages. Full details on the syntax and settings are available at http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html
I get the following error in my client log when attempting to send to a remote destination.
com.flame.client.as4.api.Client transmit - SEVERE: Received fatal alert: bad_certificate or com.flame.client.as4.AS4ClientAPI <init> - INFO: ClientException - Received fatal alert: bad_certificate.
Ensure that the SSL client certificate chain has been provided and installed in the server truststore and that the certificate validates against it's root certificate (if a CA signed cert) path in the server truststore. The certificate chain is presented to the remote client from the server and the client can only respond with the appropriate certificate if the certificate authority (CA) is correctly presented to it. The bad_certificate error will occur when the client continues a connection to a remote server without presenting it's certificate but when client authentication is required.
<<< Previous | Home | Next >>> |
Client and FMC | Up | Version History |