Getting Issue on making Secure submission on Virgo
152 views
Skip to first unread message
rajesh babu
Mar 16, 2012, 7:35:37 AM3/16/12
to ipf-...@googlegroups.com
Hi All,
--
Thanks & Regards
Rajesh
I am getting a issue when i am trying to submit a document(CDA) on secure mode. I have configured my dmk.dat (which will be consumed by startup.bat on starting the virgo) and valid certificates are in place. Can anyone suggest the various locations on Virgo environment that we have to configure the certificates
Thanks a lot in advance.
[2012-03-16 06:27:45.566] WARN el Thread 4 - MinaThreadPool org.apache.cxf.phase.PhaseInterceptorChain Interceptor for {urn:ihe:iti:xds-b:2007}DocumentRepository_Service#{urn:ihe:iti:xds-b:2007}DocumentRepository_ProvideAndRegisterDocumentSet-b has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Marshalling Error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.cxf.jaxb.JAXBEncoderDecoder.marshall(JAXBEncoderDecoder.java:252)
at org.apache.cxf.jaxb.io.DataWriterImpl.write(DataWriterImpl.java:169)
at org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDatabindingInterceptor.java:111)
at org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy227.documentRepositoryProvideAndRegisterDocumentSetB(Unknown Source)
at org.openehealth.ipf.platform.camel.ihe.xds.iti41.component.Iti41Producer.callService(Iti41Producer.java:42)
at org.openehealth.ipf.platform.camel.ihe.xds.iti41.component.Iti41Producer.callService(Iti41Producer.java:27)
at org.openehealth.ipf.platform.camel.ihe.ws.DefaultItiProducer.process(DefaultItiProducer.java:160)
at org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:50)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.SendProcessor$2.doInAsyncProducer(SendProcessor.java:104)
at org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:272)
at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:98)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:99)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.RedeliveryErrorHandler.processErrorHandler(RedeliveryErrorHandler.java:299)
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:208)
at org.apache.camel.processor.DefaultChannel.process(DefaultChannel.java:256)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:143)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:78)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:143)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:78)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:99)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.RedeliveryErrorHandler.processErrorHandler(RedeliveryErrorHandler.java:299)
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:208)
at org.apache.camel.processor.DefaultChannel.process(DefaultChannel.java:256)
at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:113)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:61)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.SendProcessor$2.doInAsyncProducer(SendProcessor.java:104)
at org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:272)
at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:98)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:99)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.RedeliveryErrorHandler.processErrorHandler(RedeliveryErrorHandler.java:299)
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:208)
at org.apache.camel.processor.DefaultChannel.process(DefaultChannel.java:256)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:143)
at org.apache.camel.processor.Pipeline.process(Pipeline.java:78)
at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:99)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:70)
at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:98)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:89)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:91)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:85)
at org.apache.camel.component.mina.MinaConsumer$ReceiveHandler.messageReceived(MinaConsumer.java:114)
at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.xml.bind.MarshalException: null
at com.sun.xml.internal.bind.v2.runtime.MarshallerImpl.write(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.MarshallerImpl.marshal(Unknown Source)
at javax.xml.bind.helpers.AbstractMarshallerImpl.marshal(Unknown Source)
at org.apache.cxf.jaxb.JAXBEncoderDecoder.writeObject(JAXBEncoderDecoder.java:536)
at org.apache.cxf.jaxb.JAXBEncoderDecoder.marshall(JAXBEncoderDecoder.java:227)
... 91 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1977)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1929)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
at org.apache.cxf.io.AbstractThresholdOutputStream.unBuffer(AbstractThresholdOutputStream.java:89)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:63)
at com.sun.xml.internal.bind.v2.runtime.output.UTF8XmlOutput.write(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.output.Encoded.write(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.output.UTF8XmlOutput.doText(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.output.UTF8XmlOutput.attribute(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.output.MTOMXmlOutput.attribute(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.attribute(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.AttributeProperty.serializeAttributes(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeAttributes(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsXsiType(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.ArrayElementNodeProperty.serializeItem(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.ArrayElementProperty.serializeListBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.ArrayERProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsXsiType(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.SingleElementNodeProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$1.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$1.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeRoot(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeRoot(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.ArrayReferenceNodeProperty.serializeListBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.ArrayERProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsXsiType(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.SingleElementNodeProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsXsiType(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.SingleElementNodeProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsXsiType(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.property.SingleElementNodeProperty.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$1.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$1.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeBody(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeRoot(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl.serializeRoot(Unknown Source)
at com.sun.xml.internal.bind.v2.runtime.XMLSerializer.childAsRoot(Unknown Source)
... 96 common frames omitted
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 151 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 157 common frames omitted
Thanks & Regards
Rajesh
Boris Stanojević
Mar 19, 2012, 4:06:19 AM3/19/12
to ipf-...@googlegroups.com
Hi Rajesh,
I don't think that has something to do with the exact location of your certificates. This exception usually means that the server is using a test certificate (possibly generated using keytool) rather than a certificate from a well known commercial Certification Authority.
Check out this article, hope it can help you:
http://nodsw.com/blog/leeland/2006/12/06-no-more-unable-find-valid-certification-path-requested-target
Cheers,
Boris
I don't think that has something to do with the exact location of your certificates. This exception usually means that the server is using a test certificate (possibly generated using keytool) rather than a certificate from a well known commercial Certification Authority.
Check out this article, hope it can help you:
http://nodsw.com/blog/leeland/2006/12/06-no-more-unable-find-valid-certification-path-requested-target
Cheers,
Boris
rajesh babu
Mar 19, 2012, 6:20:06 AM3/19/12
to ipf-...@googlegroups.com
Hi Boris,
I tried the below mentioned and i was able to perform a successful handshake with the server. But right now i am getting the following below mentioned error,
I have even made the disableCNCheck change in my config file where i am defining my http-conduit. But still it is throwing this issue
[2012-03-19 05:11:26.063] WARN el Thread 4 - MinaThreadPool org.apache.cxf.phase.PhaseInterceptorChain Interceptor for {urn:ihe:iti:xds-b:2007}DocumentRepository_Service#{urn:ihe:iti:xds-b:2007}DocumentRepository_ProvideAndRegisterDocumentSet-b has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Marshalling Error: The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1932)
Boris Stanojević
Mar 19, 2012, 11:19:30 AM3/19/12
to ipf-...@googlegroups.com
Hi Rajesh,
from the cxf documentation:
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
there are some cases where the 'disableCNCheck' configuration parameter is ignored (useHttpsURLConnectionDefaultHostnameVerifier=true). You can also request the help directly on the CXF forum.
Cheers,
Boris
from the cxf documentation:
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
there are some cases where the 'disableCNCheck' configuration parameter is ignored (useHttpsURLConnectionDefaultHostnameVerifier=true). You can also request the help directly on the CXF forum.
Cheers,
Boris
rajesh babu
Mar 22, 2012, 6:08:24 AM3/22/12
to ipf-...@googlegroups.com
Hi Boris,
I am bit confused here, i removed my http-conduit file completely, but still i get the same error. This is one is happening only when i am trying to hit xds-iti41 endpoint. Actually my conduit file is never read the control is failing before that itself. Can you please help me if you have come across this issue or can you point me where i am making mistake on virgo deployment.
[2012-03-22 04:59:52.413] WARN l Thread 75 - MinaThreadPool org.apache.cxf.phase.PhaseInterceptorChain Interceptor for {urn:ihe:iti:xds-b:2007}DocumentRepository_Service#{urn:ihe:iti:xds-b:2007}DocumentRepository_ProvideAndRegisterDocumentSet-b has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Marshalling Error: The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
at org.apache.cxf.jaxb.JAXBEncoderDecoder.marshall(JAXBEncoderDecoder.java:252)
at org.apache.cxf.jaxb.io.DataWriterImpl.write(DataWriterImpl.java:169)
at org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDatabindingInterceptor.java:111)
at org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy227.documentRepositoryProvideAndRegisterDocumentSetB(Unknown Source)
at org.openehealth.ipf.platform.camel.ihe.xds.iti41.component.Iti41Producer.callService(Iti41Producer.java:42)
at org.openehealth.ipf.platform.camel.ihe.xds.iti41.component.Iti41Producer.callService(Iti41Producer.java:27)
at org.openehealth.ipf.platform.camel.ihe.ws.DefaultItiProducer.process(DefaultItiProducer.java:160)
Boris Stanojević
Mar 22, 2012, 6:48:06 AM3/22/12
to ipf-...@googlegroups.com
Hi Rajesh,
I'm also a bit confused. You've mentioned before that
>>and i was able to perform a successful handshake with the server
and the HttpConduit normally configures the path to your keystore/truststore. So I figure that the file is used after all.
Nevertheless, I would definitely need more details about your deployment, application and bundles structure to be able to make any guess about this issue.
Cheers,
Boris
I'm also a bit confused. You've mentioned before that
>>and i was able to perform a successful handshake with the server
Nevertheless, I would definitely need more details about your deployment, application and bundles structure to be able to make any guess about this issue.
Cheers,
Boris
rajesh babu
Mar 22, 2012, 7:23:46 AM3/22/12
to ipf-...@googlegroups.com
Hi Boris,
I was able to make the handshake with the InstallCert.Java which helped me out in removing the "Marshalling Error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" Error.
I was able to do a successful submission on unsecured mode, my problem is when i try to send the the submission to a secure URL
The list of IPF binaries that i deploy in OSGI are,
atna-bundle-1.2.0-v20110609.jar
modules-cda-2.2.2.jar
modules-cda-oht-2.2.4.jar
org.openehealth.ipf.commons.commons-core_2.2.4.jar
org.openehealth.ipf.commons.commons-flow_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-atna_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-hl7v2ws_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-hl7v3_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-ws_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xca_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xds_2.2.4.jar
org.openehealth.ipf.commons.commons-map_2.2.4.jar
org.openehealth.ipf.commons.commons-xml_2.2.4.jar
org.openehealth.ipf.modules.modules-hl7dsl_2.2.4.jar
org.openehealth.ipf.modules.modules-hl7_2.2.4.jar
org.openehealth.ipf.osgi.osgi-commons_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-flow-manager_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-flow-repository_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-atna_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xca_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xds_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-jms_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-log_2.2.4.jar
org.openehealth.ipf.osgi.osgi-extender-basic_2.2.4.jar
org.openehealth.ipf.osgi.osgi-extender-spring_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-core_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-flow_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-hl7_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-atna_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-hl7v2ws_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-hl7v2_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-mllp_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-ws_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xca_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xds_2.2.4.jar
org.openhealthtools.ihe.atna-bundle_1.2.0.v20110214.jar
org.openhealthtools.ihe.common.cdar2-1.1.0-p1.jar
atna-bundle-1.2.0-v20110609.jar
modules-cda-2.2.2.jar
modules-cda-oht-2.2.4.jar
org.openehealth.ipf.commons.commons-core_2.2.4.jar
org.openehealth.ipf.commons.commons-flow_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-atna_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-hl7v2ws_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-hl7v3_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-ws_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xca_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.commons.commons-ihe-xds_2.2.4.jar
org.openehealth.ipf.commons.commons-map_2.2.4.jar
org.openehealth.ipf.commons.commons-xml_2.2.4.jar
org.openehealth.ipf.modules.modules-hl7dsl_2.2.4.jar
org.openehealth.ipf.modules.modules-hl7_2.2.4.jar
org.openehealth.ipf.osgi.osgi-commons_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-flow-manager_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-flow-repository_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-atna_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xca_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-ihe-xds_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-jms_2.2.4.jar
org.openehealth.ipf.osgi.osgi-config-log_2.2.4.jar
org.openehealth.ipf.osgi.osgi-extender-basic_2.2.4.jar
org.openehealth.ipf.osgi.osgi-extender-spring_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-core_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-flow_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-hl7_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-atna_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-hl7v2ws_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-hl7v2_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-mllp_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-pixpdqv3_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-pixpdq_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-ws_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xca_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xcpd_2.2.4.jar
org.openehealth.ipf.platform-camel.platform-camel-ihe-xds_2.2.4.jar
org.openhealthtools.ihe.atna-bundle_1.2.0.v20110214.jar
org.openhealthtools.ihe.common.cdar2-1.1.0-p1.jar
2012/3/22 Boris Stanojević <stanojev...@googlemail.com>
Boris Stanojević
Mar 22, 2012, 8:44:53 AM3/22/12
to ipf-...@googlegroups.com
Hi Rajesh,
I meant rather your bundles, especially the one which holds the httpConduit configuration. How does your httpConduit configuration looks like? Manifest? Visibility of bundles packages? How does cxf-bundle uses your resources?
Cheers,
Boris
I meant rather your bundles, especially the one which holds the httpConduit configuration. How does your httpConduit configuration looks like? Manifest? Visibility of bundles packages? How does cxf-bundle uses your resources?
Cheers,
Boris
rajesh babu
Mar 22, 2012, 8:54:40 AM3/22/12
to ipf-...@googlegroups.com
Hi Boris,
My http-conduit looks like,
beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
xsi:schemaLocation="
<!-- <bean id="placeholderConfig" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations" value="classpath:/context.properties"/>
</bean>-->
<http:conduit name="*.http-conduit">
<http:tlsClientParameters secureSocketProtocol="TLS" disableCNCheck="true">
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password"
file="c:/certs/client.keystore"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="password"
file="c:/certs/ca.keystore"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>NULL-SHA</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:include>.*_RSA_.*</sec:include>
<sec:include>.*_NULL-SHA_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
</beans>
My Manifest looks like,
Manifest-Version: 1.0
Export-Package: com.ge.hcit.dataexchange.ccg.adapters.ihe.beans,com.ge
.hcit.dataexchange.ccg.adapters.ihe.commons;uses:="com.ge.hcit.dataex
change.common.logging,com.ge.hcit.dataexchange.ccg.adapters.ihe.beans
,org.openehealth.ipf.commons.ihe.xds.core.stub.ebrs30.rim,org.apache.
cxf.message,org.apache.cxf.phase,com.ge.hcit.dataexchange.ccg.adapter
s.ihe.pix,org.apache.camel,org.openehealth.ipf.commons.ihe.xds.core.s
tub.ebrs30.rs,org.openehealth.ipf.commons.ihe.xds.core.ebxml.ebxml30,
groovy.lang,org.codehaus.groovy.runtime.typehandling,org.codehaus.gro
ovy.reflection,org.codehaus.groovy.runtime,org.codehaus.groovy.runtim
e.callsite,org.openehealth.ipf.commons.ihe.xds.core.stub.ebrs30.lcm,o
rg.codehaus.groovy.runtime.wrappers",com.ge.hcit.dataexchange.ccg.ada
pters.ihe.exception;uses:="org.apache.camel,com.ge.hcit.dataexchange.
common.logging",com.ge.hcit.dataexchange.ccg.adapters.ihe.mdmtoxds;us
es:="groovy.lang,org.codehaus.groovy.runtime.wrappers,org.codehaus.gr
oovy.reflection,org.codehaus.groovy.runtime,org.codehaus.groovy.runti
me.callsite,com.ge.hcit.dataexchange.ccg.adapters.ihe.commons,org.apa
che.camel,org.codehaus.groovy.runtime.typehandling,org.openehealth.ip
f.modules.hl7dsl,com.ge.hcit.dataexchange.common.logging,com.ge.hcit.
dataexchange.ccg.adapters.ihe.beans,org.apache.camel.builder,org.spri
ngframework.transaction,org.apache.commons.logging,com.ge.hcit.dataex
change.ccg.adapters.ihe.pix,org.apache.camel.spring.spi,org.springfra
mework.context,org.apache.camel.builder.xml,org.openehealth.ipf.platf
orm.camel.core.config,org.apache.camel.model,org.apache.camel.spring,
org.springframework.transaction.support,org.openehealth.ipf.commons.i
he.xds.core.ebxml.ebxml30,org.openehealth.ipf.commons.core.modules.ap
i,com.ge.hcit.dataexchange.ccg.adapters.ihe.exception,org.openehealth
g.adapters.ihe.oru;uses:="groovy.lang,org.codehaus.groovy.runtime.wra
ppers,org.codehaus.groovy.reflection,org.codehaus.groovy.runtime,org.
codehaus.groovy.runtime.callsite,org.codehaus.groovy.runtime.typehand
ling,com.ge.hcit.dataexchange.ccg.adapters.ihe.commons,org.apache.cam
el,com.ge.hcit.dataexchange.ccg.adapters.ihe.beans,com.ge.hcit.dataex
change.common.logging,org.openehealth.ipf.commons.ihe.xds.core.ebxml.
ebxml30,org.openehealth.ipf.commons.core.modules.api,org.apache.camel
.builder,org.springframework.transaction,org.apache.commons.logging,o
rg.apache.camel.spring.spi,org.springframework.context,org.apache.cam
el.builder.xml,org.apache.camel.model,org.apache.camel.spring,org.spr
ingframework.transaction.support",com.ge.hcit.dataexchange.ccg.adapte
rs.ihe.pix;uses:="ca.uhn.hl7v2,org.codehaus.groovy.reflection,org.apa
che.camel,org.openehealth.ipf.modules.hl7,org.codehaus.groovy.runtime
.callsite,groovy.lang,org.codehaus.groovy.runtime.typehandling,org.co
dehaus.groovy.runtime,org.openehealth.ipf.modules.hl7dsl,com.ge.hcit.
dataexchange.ccg.adapters.ihe.beans,com.ge.hcit.dataexchange.common.l
ogging"
Built-By: bld_csf
Tool: Bnd-0.0.357
Bundle-Name: GE Healthcare IT - Data Exchange Projects - CCG Adapters
- IHE Adapter
Created-By: Apache Maven Bundle Plugin
Require-Bundle: org.apache.cxf.bundle
Build-Jdk: 1.6.0_26
Bundle-Version: 9.0.0.SNAPSHOT
Bnd-LastModified: 1329431019441
Bundle-ManifestVersion: 2
Import-Package: ca.uhn.hl7v2,ca.uhn.hl7v2.model.v24.message,ca.uhn.hl7
v2.model.v24.segment,ca.uhn.hl7v2.model.v25.message,ca.uhn.hl7v2.mode
l.v25.segment,ca.uhn.hl7v2.parser,ca.uhn.hl7v2.util,com.ge.hcit.datae
xchange.ccg.adapters.ihe.beans,com.ge.hcit.dataexchange.ccg.adapters.
ihe.commons,com.ge.hcit.dataexchange.ccg.adapters.ihe.exception,com.g
e.hcit.dataexchange.ccg.adapters.ihe.mdmtoxds,com.ge.hcit.dataexchang
e.ccg.adapters.ihe.oru,com.ge.hcit.dataexchange.ccg.adapters.ihe.pix,
com.ge.hcit.dataexchange.common.logging,groovy.lang;version="1.6",gro
ovy.util;version="1.6",javax.activation;version="1.1",org.apache.came
l;version="2.5",org.apache.camel.builder;version="2.5",org.apache.cam
el.builder.xml;version="2.5",org.apache.camel.component.hl7;version="
2.5",org.apache.camel.model;version="2.5",org.apache.camel.processor.
interceptor;version="2.5",org.apache.camel.spring;version="2.5",org.a
pache.camel.spring.spi;version="2.5",org.apache.commons.logging;versi
on="1.1",org.apache.cxf.message,org.apache.cxf.phase,org.codehaus.gro
ovy.reflection;version="1.6",org.codehaus.groovy.runtime;version="1.6
",org.codehaus.groovy.runtime.callsite;version="1.6",org.codehaus.gro
ovy.runtime.typehandling;version="1.6",org.codehaus.groovy.runtime.wr
appers;version="1.6",org.openehealth.ipf.commons.core.modules.api;ver
sion="2.2",org.openehealth.ipf.commons.ihe.pixpdq.definitions.v25.pix
.message;version="2.2",org.openehealth.ipf.commons.ihe.xds.core.ebxml
.ebxml30;version="2.2",org.openehealth.ipf.commons.ihe.xds.core.stub.
ebrs30.lcm;version="2.2",org.openehealth.ipf.commons.ihe.xds.core.stu
b.ebrs30.rim;version="2.2",org.openehealth.ipf.commons.ihe.xds.core.s
tub.ebrs30.rs;version="2.2",org.openehealth.ipf.commons.map;version="
2.2",org.openehealth.ipf.commons.map.extend;version="2.2.4",org.opene
health.ipf.modules.cda.builder;version="2.2",org.openehealth.ipf.modu
les.hl7;version="2.2",org.openehealth.ipf.modules.hl7.extend;version=
"2.2.4",org.openehealth.ipf.modules.hl7.message;version="2.2.4",org.o
penehealth.ipf.modules.hl7.validation;version="2.2",org.openehealth.i
pf.modules.hl7.validation.builder;version="2.2",org.openehealth.ipf.m
odules.hl7dsl;version="2.2.4",org.openehealth.ipf.platform.camel.core
.config;version="2.2",org.openehealth.ipf.platform.camel.core.extend;
version="2.2.4",org.openehealth.ipf.platform.camel.hl7.extend;version
="2.2.4",org.openehealth.ipf.platform.camel.ihe.xds.core.extend;versi
on="2.2",org.openhealthtools.ihe.atna.auditor;version="1.2",org.openh
ealthtools.ihe.atna.auditor.context;version="1.2",org.springframework
.beans.factory.config;version="3.0",org.springframework.context;versi
on="3.0",org.springframework.transaction;version="3.0",org.springfram
ework.transaction.support;version="3.0"
Bundle-SymbolicName: com.ge.hcit.dataexchange.ccg.adapters.ihe
I import CXF in my context,
<import resource="classpath:META-INF/cxf/cxf.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
<import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-addr.xml"/>
Thanks
Rajesh
Boris Stanojević
Mar 22, 2012, 9:11:18 AM3/22/12
to ipf-...@googlegroups.com
Hi Rajesh,
This custom configuration file is expected to be on the class path of the Cxf-Bundle. Instead of using "Require-Bundle: org.apache.cxf.bundle" can you please try defining your Bundle as a Fragment of Cxf-Bundle (Fragment-Host: org.apache.cxf.bundle)?
Or otherwise, have you tried starting your Server with additional parameter:
-Dcxf.config.file.url=config_file_url
Cheers,
Boris
This custom configuration file is expected to be on the class path of the Cxf-Bundle. Instead of using "Require-Bundle: org.apache.cxf.bundle" can you please try defining your Bundle as a Fragment of Cxf-Bundle (Fragment-Host: org.apache.cxf.bundle)?
Or otherwise, have you tried starting your Server with additional parameter:
-Dcxf.config.file.url=config_file_url
Cheers,
Boris
rajesh babu
Mar 22, 2012, 9:19:55 AM3/22/12
to ipf-...@googlegroups.com
Hi Boris,
My http-conduit will be located inside my bundle, u want me to keep it outside and give the URL while starting the server and try the deployment?
Thanks
-Rajesh
Boris Stanojević
Mar 22, 2012, 9:53:26 AM3/22/12
to ipf-...@googlegroups.com
Hi Rajesh,
>>My http-conduit will be located inside my bundle
yeah, the option with the Fragment-Host considers the solution with configuration inside the bundle. If that does not help, as a second option try to provide the configuration outside the bundle to see if this works. Obviously the cxf-bundle does not see your custom configuration as you suggested in a previous post.
Cheers,
Boris
>>My http-conduit will be located inside my bundle
Cheers,
Boris
Reply all
Reply to author
Forward
0 new messages