Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

sun.security.validator.ValidatorException: No trusted certificate found

843811Sep 5 2008 — edited Sep 8 2008
Hello,
I am using Java 1.6.0_04 (JBoss-4.2.2.GA application). My application implements a WS client which needs to integrate with an external Web Service. This communication needs to be handled through https.

I have created a jks keystore with the server certificate, and passed its details to JBoss through the System Properties:
-Djavax.net.ssl.trustStore=/Path-to-file  -Djavax.net.ssl.trustStorePassword=password
On my development environment I can call the Web Service correctly.
Although, on the production environment, I am getting the following exception:
javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message
	at org.jboss.ws.core.jaxws.client.ClientImpl.handleRemoteException(ClientImpl.java:317)
	at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:255)
	at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:164)
	at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
	at $Proxy171.send(Unknown Source)
	at com.xpto.integration.SmsHelper.send(SmsHelper.java:57)
	at com.xpto.services.sms.SMSSenderServiceMBean.run(SMSSenderServiceMBean.java:106)
	at java.lang.Thread.run(Thread.java:619)
Caused by: java.io.IOException: Could not transmit message
	at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:204)
	at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)
	at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:337)
	at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:243)
	... 6 more
Caused by: org.jboss.remoting.CannotConnectException: Can not connect http client invoker.
	at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:
333)
	at org.jboss.remoting.transport.http.HTTPClientInvoker.transport(HTTPClientInvoker.java:135)
	at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
	at org.jboss.remoting.Client.invoke(Client.java:1634)
	at org.jboss.remoting.Client.invoke(Client.java:548)
	at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:183)
	... 9 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No truste
d certificate found
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLCo
nnection.java:166)
	at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:832)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:23
0)
	at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:
275)
	... 14 more
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
	at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
	at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
	at sun.security.validator.Validator.validate(Validator.java:218)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:2
09)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:2
49)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
	... 26 more
Both systems are configured with the same JBoss, JVM, ...

The certificate details are:
Owner=
  CN=*...., OU=..., O=..., L=..., ST=..., C=PT
Issuer=
  CN=..., O=..., C=PT
Version=3
Serial Number=BC81A81843E26C2597CD10354588F61E
Valid From=Monday, 3 March 2008 18:50
Valid Until=Tuesday, 3 March 2009 18:50
Signature Algorithm=SHA1withRSA

Fingerprints=
    MD5:     0A:A6:89:92:A4:CF:17:74:7C:4E:20:63:6B:81:AE:85
    SHA1:    35:01:74:8C:35:AB:9F:02:7B:23:3F:15:5E:73:C6:4D:DD:BB:C0:7A
Key Usage= critical
    List:
    . digitalSignature
    . keyEncipherment
    . dataEncipherment
    . keyAgreement
Extended Key Usage= none
On production I have also tried adding the following properties:
-Djavax.net.ssl.keyStore=/Path-to-file  -Djavax.net.ssl.keyStorePassword=password
But I still get the error.

Any one has any hint for this problem? Is there any property which I can define to ignore untrusted certificates?

Any help would really be welcome.
Thanks in advance.

Best regards,
Victor Batista
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Oct 6 2008
Added on Sep 5 2008
#java-secure-socket-extension-jsse
6 comments
8,211 views