Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite

i try to run one system test on Weblogic 10 with HTTPS basic server authentication but i recieve this exception:

com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLKeyException:    [Security:090542]Certificate chain received from myserver - 141.73.205.173 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.

at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149) at com.sun.jersey.api.client.filter.HTTPBasicAuthFilter.handle(HTTPBasicAuthFilter.java:81) at com.sun.jersey.api.client.Client.handle(Client.java:648) .............................................

My authentication method is :

public static WebResource createWebResource(String path) throws IOException, NoSuchAlgorithmException, Exception {
ClientConfig config = new DefaultClientConfig();
Client client = Client.create(config);
HTTPBasicAuthFilter authFilter = new HTTPBasicAuthFilter("REST_USER", "Supervisor");
client.addFilter(authFilter);
String serverUrl = findServerUrlFromJNDIProps();
return client.resource("https://myserver:8012/ERSrestServices/" + path);

}

Where is my mistake ?

share|improve this question

1 Answer

up vote 0 down vote

The SSL certificate is not trusted by java so it is rejecting your attempt to access the server over https.

If this is a test server with a self-signed certificate, this would make sense. If it is not self-signed, then the CA is not trusted by your java install.

As per the exception:

If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.

So, -Dweblogic.security.TrustKeyStore=DemoTrust should solve your problem.

Alternatively you can add your webserver's SSL certificate to your client's java certificate store:

keytool -importcert -file certificate.cer -keystore cacerts -alias "Your Alias"

Where keytool can be found at ${jdk_home}/bin and the cacerts file at ${jdk_home}/jre/lib/security

share|improve this answer
Thank you for answear, the server is for testing purposes – user2521489 Jun 25 at 20:14

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.