How to connect xmpp server using TSL/SSL? - xmpp

i am using smack 4.2.1 to connect xmpp server ,but when i run the code ,the server response the message below.
i really know that the error caused by tsl/ssl config.but i dont know how to solve.
XMPPTCPConnectionConfiguration conf = XMPPTCPConnectionConfiguration.builder()
.setXmppDomain("404.city").setUsernameAndPassword("xx", "xxxx")
.setCompressionEnabled(false)
.setSecurityMode(ConnectionConfiguration.SecurityMode.required)
.build();
XMPPTCPConnection connection = new XMPPTCPConnection(conf);
connection.connect();
org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1060)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:982)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:998)
at java.lang.Thread.run(Thread.java:745)

i fix it by myself....
i should set a SSLContext to the config

Related

Connection With Azure to MongoDB

I am trying to connect Azure Databricks with MongoDB, but I am getting an error message which I am not able to resolve.
I am getting the following error
com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=sopt-bo-halo-01.northeurope.cloudapp.azure.com:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=sopt-bo-halo-03.northeurope.cloudapp.azure.com:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}, {address=sopt-bo-halo-02.northeurope.cloudapp.azure.com:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]
from pyspark.sql import SparkSession
database = "prod-backoffice"
collection = "AmazonRegion"
connectionString = ‘<Username>://<Password> #hostN
/defaultdb?
ssl=true&readPreference=primary&maxIdleTimeMS=60000&connectTimeoutMS=10000&
authSource=DBNAME &authMechanism=SCRAM-SHA-1&
tlsAllowInvalidCertificates=true&tlsAllowInvalidHostnames=true
&sslAllowConnectionsWithoutCertificates=true&sslInvalidHostNameAllowed=true'
spark = SparkSession.builder\
.appName("MongoSparkConnectorIntro")\
.config('spark.mongodb.input.uri',connectionString)\
.config('spark.mongodb.output.uri', connectionString)\
.config('spark.jars.packages', 'org.mongodb.spark:mongo-spark-connector_2.12:3.0.1')\
.getOrCreate()
df = spark.read\
.format("com.mongodb.spark.sql.DefaultSource")\
.option("uri", connectionString)\
.option("database", database)\
.option("collection", collection)\
.load()
Connect MongoDB Atlas with DataBricks
Connection with databricks
Connect and Enable Databricks clusters to the cluster by adding the external IP addresses for the Databricks cluster nodes to the whitelist in Atlas.
Access on MongoDB Network and add the Databrick cluster IP address.
Configure Databricks Cluster with MongoDB Connection URI
Get the MongoDB connection URI. click the cluster you have created in the MongoDB Atlas UI.
Click the Connect button.
Click Connect Your Application.
According to your Databrick MongoDB connector configuration make sure your scala and spark version
Copy the generated connection string. It should look like mongodb+srv://:#Firstdatabase-wlcof.azure.mongodb.net/test?retryWrites=true
Replace password and Firstdatabase name with your password and database name.
Configuration in DataBricks
METHOD 1
In your databricks cluster, select the configuration tab and click the edit button -> under advanced options, Please select the spark configuration tab using the connection string and update the spark config. Follow the below format in the config tab
spark.mongodb.output.uri<connection-string>
spark.mongodb.input.uri<connection-string>
METHOD 2
In python notebook configure settings directly using below code.
from pyspark.sql import SparkSession
database = "<datanase_name>" #your database name
collection = "millionsongs" #your collection name
connectionString= copy your connection string here ('mongodb+srv://user:<password>#cluster0.9rvsi.mongodb.net/<database>?retryWrites=true&w=majority')
spark = SparkSession
.builder
.config('spark.mongodb.input.uri',connectionString)
.config('spark.mongodb.input.uri', connectionString)
.config('spark.jars.packages', 'org.mongodb.spark:mongo-spark-connector_2.12:3.0.1')
.getOrCreate()
#Reading from MongoDB
df = spark.read
.format("com.mongodb.spark.sql.DefaultSource")
.option("uri", connectionString)
.option("database", database)
.option("collection", collection)
.load()

SSLHandshakeException while trying to consume REST web service

I'm trying to consume a secured rest endpoint through java code as following
public static void main(String[] args) {
getUrl();
}
private static void getUrl(){
System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jdk1.8.0_191\\keystore\\test.jks");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.keyStorePassword", "test123");
RestTemplate restTemplate = new RestTemplate();
ResponseEntity<SignedURL> signedURLEntity = restTemplate.getForEntity("https://tfgts.xyz.com:16610/file-transfer/get-url?fmt=json", SignedURL.class);
System.out.println("PUT URL : "+signedURLEntity.getBody().getPuturl());
}
I have imported the test.jks certificate in the following way
keytool -importkeystore -srckeystore .\test.jks -destkeystore %JAVA_HOME%/jre/lib/security/cacerts
I could find the alias of the certificate I imported, when I ran the below command
keytool -list -keystore cacerts
I'm using eclipse IDE to run this java class and configured the Java build path of the project to the JDK path where the certificate is imported. Also, I ordered the JAVA_HOME in path environment variables to be on top.
But still I'm getting the following error
Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://tfgts.xyz.com:16610/file-transfer/get-url": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:732)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:680)
at org.springframework.web.client.RestTemplate.getForEntity(RestTemplate.java:359)
at com.paychex.retirement.ml.service.SterlingFileProcessor.getUrl(FileProcessor.java:99)
at com.paychex.retirement.ml.service.SterlingFileProcessor.main(FileProcessor.java:88)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:723)
... 4 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 24 more

Connecting to secured remote AEM repository

In order to create JCR nodes, We are trying to programmatically connect to a remote AEM instance using the JcrUtils.getRepository(...) method to acquire the handle to the repository instance.
This instance is secured and checks for a cookie in the request to let the user in.
Is there a way to pass the cookie to JcrUtils (or other methods of connecting to an AEM repository)?
Right now, when running the code JcrUtils.getRepository("http://host:port/crx/server"); it just throws the following exception:
javax.jcr.RepositoryException: Unable to access a repository with the following settings:
org.apache.jackrabbit.repository.uri: https://<host>:<port>/crx/server
The following RepositoryFactory classes were consulted:
org.apache.jackrabbit.jcr2dav.Jcr2davRepositoryFactory: declined
org.apache.jackrabbit.jcr2spi.Jcr2spiRepositoryFactory: declined
org.apache.jackrabbit.commons.JndiRepositoryFactory: declined
org.apache.jackrabbit.core.RepositoryFactoryImpl: declined
org.apache.jackrabbit.rmi.repository.RmiRepositoryFactory: failed
because of RemoteRuntimeException: java.rmi.RemoteException: Failed to read the resource at URL https://<host>:<port>/crx/server; nested exception is:
java.io.StreamCorruptedException: invalid stream header: 3C21444F
because of RemoteException: Failed to read the resource at URL https://<host>:<port>/crx/server; nested exception is:
java.io.StreamCorruptedException: invalid stream header: 3C21444F
because of StreamCorruptedException: invalid stream header: 3C21444F
Perhaps the repository you are trying to access is not available at the moment.
at org.apache.jackrabbit.commons.JcrUtils.getRepository(JcrUtils.java:223)
at org.apache.jackrabbit.commons.JcrUtils.getRepository(JcrUtils.java:263)
...
There is no way to pass cookie via JcrUtils.getRepository(...) it accepts URI as a string.
In your logs looks like org.apache.jackrabbit.jcr2dav.Jcr2davRepositoryFactory doesn't exist in application classpath.
Make sure you added to dependencies following libs
jackrabbit-jcr-commons
jackrabbit-jcr2dav
in case you are using Maven:
<dependency>
<groupId>org.apache.jackrabbit</groupId>
<artifactId>jackrabbit-jcr-commons</artifactId>
<version>2.10.1</version>
</dependency>
<dependency>
<groupId>org.apache.jackrabbit</groupId>
<artifactId>jackrabbit-jcr2dav</artifactId>
<version>2.10.1</version>
</dependency>
I am getting similar issue as #user3239244 but only in case of https.
I am trying to access repository from standalone java application
repository = JcrUtils.getRepository(url)
Works for http and fails for https
From logs:
javax.jcr.RepositoryException: Unable to access a repository with the
following settings:
org.apache.jackrabbit.repository.uri: https://localhost:5433/crx/server The following RepositoryFactory
classes were consulted:
org.apache.jackrabbit.jcr2dav.Jcr2davRepositoryFactory: declined
org.apache.jackrabbit.jcr2spi.Jcr2spiRepositoryFactory: declined
org.apache.jackrabbit.commons.JndiRepositoryFactory: declined
org.apache.jackrabbit.core.RepositoryFactoryImpl: declined
org.apache.jackrabbit.rmi.repository.RmiRepositoryFactory: failed
because of RepositoryException: Failed to read the resource at URL https://localhost:5433/crx/server
because of SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
because of ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
because of SunCertPathBuilderException: unable to find valid certification path to requested target

Error when trying to create a new JBOSS OpenShift project

I am trying to have a play around with openshift, but am running into a config issue at the first hurdle.
i have RedHatJBOSS Developer Studio 8.0.0 installed, and have the JBOSS Integration and SOA Development Plugin installed.
I also have an openshift user account and can login just fine to their website.
Basically, when I select the create openshift project from the JBoss central page, and enter my valid openshift credentials and pres next, it tries to connect and immediately throws an error stating an SSL handshake exception occurred (details below).
I am a bit lost if I am honest; is there something I need to install?
I am using JRE 7 in case that is significant
com.openshift.client.OpenShiftEndpointException: Could not request https://openshift.redhat.com/broker/rest/api: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.openshift.internal.client.RestService.request(RestService.java:120)
at com.openshift.internal.client.RestService.request(RestService.java:92)
at com.openshift.internal.client.AbstractOpenShiftConnectionFactory.getConnection(AbstractOpenShiftConnectionFactory.java:36)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:198)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:158)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:114)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:103)
at org.jboss.tools.openshift.express.internal.core.connection.Connection.createUser(Connection.java:229)
at org.jboss.tools.openshift.express.internal.core.connection.Connection.connect(Connection.java:205)
at org.jboss.tools.openshift.express.internal.ui.wizard.connection.ConnectionWizardPageModel.connect(ConnectionWizardPageModel.java:247)
at org.jboss.tools.openshift.express.internal.ui.wizard.connection.ConnectionWizardPage$ConnectJob.run(ConnectionWizardPage.java:479)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
Caused by: com.openshift.internal.client.httpclient.HttpClientException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.createException(UrlConnectionHttpClient.java:201)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:161)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:140)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.get(UrlConnectionHttpClient.java:99)
at com.openshift.internal.client.RestService.request(RestService.java:160)
at com.openshift.internal.client.RestService.request(RestService.java:107)
... 11 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:85)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:57)
at java.lang.reflect.Constructor.newInstance(Constructor.java:541)
at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1686)
at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1684)
at java.security.AccessController.doPrivileged(AccessController.java:330)
at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1682)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1255)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:479)
at com.ibm.net.ssl.www2.protocol.https.b.getResponseCode(b.java:40)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.createException(UrlConnectionHttpClient.java:184)
... 16 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.ibm.jsse2.j.a(j.java:33)
at com.ibm.jsse2.j.a(j.java:31)
at com.ibm.jsse2.qc.b(qc.java:190)
at com.ibm.jsse2.qc.a(qc.java:456)
at com.ibm.jsse2.qc.h(qc.java:352)
at com.ibm.jsse2.qc.a(qc.java:523)
at com.ibm.jsse2.qc.startHandshake(qc.java:730)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:70)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:9)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1311)
at com.ibm.net.ssl.www2.protocol.https.b.getInputStream(b.java:89)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:157)
... 15 more
This looks very weird, I didnt spot this so far. SSL handshake is failing for some unknown reason.
What is the exact version of your JDK7?
What is your OS?
Cheers
Andre

GWT CAS Tomcat deploy fails

I upgraded my GWT project with CAS. When I test it in dev mode, it works fine. Now I wanted to deploy my project to tomcat. When I'm running it, I can reach the CAS server. But when the CAS server directs me back to my webapp, I'm getting this error.
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
type Exception report
message javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
description The server encountered an internal error that prevented it
from fulfilling this request.
exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:295)
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33)
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102)
org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62)
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902)
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1338)
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)
sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032)
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299)
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281)
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33)
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102)
org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62)
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
sun.security.validator.Validator.validate(Validator.java:260)
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320)
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)
sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032)
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299)
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281)
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33)
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102)
org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62)
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
sun.security.validator.Validator.validate(Validator.java:260)
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320)
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)
sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032)
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299)
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281)
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33)
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102)
org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62)
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
note The full stack trace of the root cause is available in the Apache
Tomcat/7.0.37 logs. Apache Tomcat/7.0.37
Can't figure out how to fix it.
I'm assuming you enabled https=true in deployDescriptor.xml. Inorder to make CAS work with HTTPS you have to create one keystore file
Creating a Keystore File