SSL Certificate Issue on Box api
Hi,
I have used the BoxApiConnection service to connect my application to the developer box . I am running the application in WAS Liberty Profile while connecting to Box it throws me an error as below.
I have given the correct path for ketstore but still i see this issue.
Is there any particular SSL certificate to upload in Liberty Server. Please help me on this.
[ERROR ] CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN CN=*.box.com, O="Box, Inc.", L=Los Altos, ST=California, C=US was sent from the target host. The signer might need to be added to local trust store key.jks, located in SSL configuration alias defaultSSLConfig. The extended error message from the SSL handshake exception is: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[err] com.box.sdk.BoxAPIException: Couldn't connect to the Box API due to a network error.
[err] at com.box.sdk.BoxAPIRequest.trySend(BoxAPIRequest.java:395)
[err] at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:209)
[err] at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:184)
[err] at com.box.sdk.BoxUser.getCurrentUser(BoxUser.java:138)
[err] at com.ibm.sc.analytics.DigitalAnalyticsDAO.getBoxApiConnectivity(DigitalAnalyticsDAO.java:248)
[err] at com.ibm.sc.analytics.DigitalAnalyticsDAO.getBoxConnectivity(DigitalAnalyticsDAO.java:232)
[err] at com.ibm.sc.web.actions.BuyerDashboard.execute(BuyerDashboard.java:103)
[err] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[err] at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
[err] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
[err] at java.lang.reflect.Method.invoke(Unknown Source)
[err] at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:404)
[err] at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:267)
[err] at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:229)
[err] at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:221)
[err] at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:86)
[err] at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:224)
[err] at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:223)
[err] at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTimerStack.java:455)
[err] at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:221)
[err] at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:150)
[err] at org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercep
-
See my post
for the same error "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
Hope it helps or at least gives you some clues.
-
I fixed that by placing proper keystore file into the
wlp\usr\servers\defaultServer\resources\security
Liberty directory.
In my case its name was - "jssecacerts" (i believe that "cacerts" would be enough as it has similar content)
then i added next lines to the Server.xml
.....
ssl-1.0
.....
As it seems Liberty has its own key storage. I came to this conclusion when i saw that my UnitTests used the same calls to remote server and they worked OK. That's why it didn't work via Liberty when i put this file into jre/lib/security.
Hope this helps.
Please sign in to leave a comment.
Comments
3 comments