I've connect mongoDb with SSL & Certs(Trust, Keystore) using Springboot
System.setProperty("javax.net.ssl.trustStore", trustStoreFilePath.getPath());
System.setProperty("javax.net.ssl.trustStorePassword", truststorePassword);
System.setProperty("javax.net.ssl.keyStore", keyStoreFilePath.getPath());
System.setProperty("javax.net.ssl.keyStorePassword", keystorePassword);
Then, able to connect successfully
Then, tried REST call on https://xxxxxx.net/api/v1/login
Added and tried below options
- karate.configure('ssl', true);
- * configure ssl = true
i'm getting below error -
admin_login.feature
21:43:28.106 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, http call failed after 943 milliseconds for URL: https://xxxxxx.net/api/v1/login
21:43:28.107 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - http request failed:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
21:43:28.114 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - feature call failed: classpath:admin_login.feature
arg: [object Object]
admin_login.feature:8 -
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
21:43:28.116 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - javascript function call failed:
admin_login.feature:8 -
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
if i'm not connecting db with ssl. able to call all REST calls
Please help on this.
SSL can be tricky, you may need time and patience.
Normally * configure ssl = true should just work in Karate because it will disable certificate validation. Sounds like here you have set some System properties that is being picked up by Karate also. Refer https://github.com/intuit/karate#system-properties-for-ssl-and-http-proxy
So maybe if you use the advanced form of configure ssl you can get it it work.
Remember if are still stuck and you need more support, follow the instructions here: https://github.com/intuit/karate/wiki/How-to-Submit-an-Issue
Related
Currently, when my helidon application invoke a request to another server using https protocol, it will cause an exception about certification:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
How can I disable this validation? Do the config "server.ssl.trustAll" or "server.trust-all" solve my issue?
The ssl validation should be resovled
While calling loqate api https://api.addressy.com
Please Help me in resolving this
[BRA-100006- SSL configuration is not well defined
ServiceException: BRA-100006 - SSL configuration is not well defined
SunCertPathBuilderException: BRA-003 - An unexpected error occured
(sun.security.provider.certpath.SunCertPathBuilderExpection with the following message:
sun.security.provider.certpath.SunCertPathBuilderExpection: unable to to find valid certification path to request target
Validationexception: BRA-003 - An unexpected error occurred (sun.security.validator.ValidatorException) with the following message
sun.security.provider.certpath.SunCertPathBuilderExpection: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderexception:
unable to find valid certification path to requested target.
Hello I need a simple method to ask soapUI to ignore SSL validation when I call an https sevice.
Acuatlly my error is unable to find valid certification path when I import tha wadl.
org.apache.xmlbeans.XmlException: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
Maybe somethong to set on the SoapUI-5.2.0.vmoptions...?
This is my actual file:
-Xms128m
-Xmx1000m
-Dsoapui.properties=soapui.properties
-Dsoapui.home=D:\Programmi\soapUI\SoapUI-5.2.0/bin
-Dsoapui.ext.libraries=D:\Programmi\soapUI\SoapUI-5.2.0/bin/ext
-Dsoapui.ext.listeners=D:\Programmi\soapUI\SoapUI-5.2.0/bin/listeners
-Dsoapui.ext.actions=D:\Programmi\soapUI\SoapUI-5.2.0/bin/actions
-Dwsi.dir=D:\Programmi\soapUI\SoapUI-5.2.0/wsi-test-tools
-Djava.library.path=D:\Programmi\soapUI\SoapUI-5.2.0/bin
-Djava.util.Arrays.useLegacyMergeSort=true
-splash:SoapUI-Spashscreen.png
-Dsun.security.ssl.allowUnsafeRenegotiation=true
I'm trying to connect my Java application to a IMAP server mail on 993, in a test environment.
I'm trying to ignore the certificate validation ,using a recommendation from previous answers to a similar question, as follows:
imapProps.put("mail.imaps.ssl.checkserveridentity", "false");
imapProps.put("mail.imaps.ssl.trust", "*");
but it doesn't seem to work, I'am still getting an exception.
Cannot process current mailbox => sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:727)
So my question is, is it actually possible to use IMAPS protocol to connect to a mail server,without having to check or validate the certificate ?
If it is, choosing to ignore the certificate validation wouldn't it be a 2 sides decision then? JavaApp and the mailServer ?
You need to use the same protocol name in both the properties and in the getStore method call. So, since you're setting the imaps properties, you should be using Store s = session.getStore("imaps");
I've connect mongoDb with SSL & Certs(Trust, Keystore) using Springboot
System.setProperty("javax.net.ssl.trustStore", trustStoreFilePath.getPath());
System.setProperty("javax.net.ssl.trustStorePassword", truststorePassword);
System.setProperty("javax.net.ssl.keyStore", keyStoreFilePath.getPath());
System.setProperty("javax.net.ssl.keyStorePassword", keystorePassword);
Then, able to connect successfully
Then, tried REST call on https://xxxxxx.net/api/v1/login
Added and tried below options
- karate.configure('ssl', true);
- * configure ssl = true
i'm getting below error -
admin_login.feature
21:43:28.106 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, http call failed after 943 milliseconds for URL: https://xxxxxx.net/api/v1/login
21:43:28.107 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - http request failed:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
21:43:28.114 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - feature call failed: classpath:admin_login.feature
arg: [object Object]
admin_login.feature:8 -
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
21:43:28.116 [ForkJoinPool-1-worker-1] ERROR com.intuit.karate - javascript function call failed:
admin_login.feature:8 -
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
if i'm not connecting db with ssl. able to call all REST calls
Please help on this.
SSL can be tricky, you may need time and patience.
Normally * configure ssl = true should just work in Karate because it will disable certificate validation. Sounds like here you have set some System properties that is being picked up by Karate also. Refer https://github.com/intuit/karate#system-properties-for-ssl-and-http-proxy
So maybe if you use the advanced form of configure ssl you can get it it work.
Remember if are still stuck and you need more support, follow the instructions here: https://github.com/intuit/karate/wiki/How-to-Submit-an-Issue