Web Services: unable to find valid certification path to requested target

Web Services: unable to find valid certification path to requested target

  
The Problem

Basically the same as in this post by Acácio: you are consuming a web service using https but the web service's certificate is not accepted by the client (your OutSystems Platform server). But on Java stack instead of .NET.

The error message you get in Java looks something like:

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Resolution

Basically the same:

step 1) obtain the certificate
step 2) make sure it's accepted in the OutSystems Platform server

refer to Acácio's post for step 1), let's see how we do step 2) in the Java stack:

after obtaining the certificate, get it onto the server. We'll use /root/certificate.cer as the path in the example.

as root, run:

# source /etc/sysconfig/outsystems
# $JAVA_HOME/bin/keytool -import -alias <give_it_a_name_here> -keystore $JAVA_HOME/jre/lib/security/cacerts -file /root/certificate.cer

You will probably be asked for a password. If you haven't changed it, the password is "changeit" *.

When the tool asks you if you want to trust this certificate, answer "yes".

restart jboss with "service jboss-outsystems restart" and from now on you should be able to connect to your web service.


* Google tells me that if you want to change it, you use the following command:

# $JAVA_HOME/bin/keytool -storepasswd -new <new password> -keystore $JAVA_HOME/jre/lib/security/cacerts