Saturday, September 25, 2021

Jdeveloper Integrated server -Importing SSL certificate for webservice call

Requirement-For local development using Jdeveloper when we call any webservice which is SSL enabled which is very common and when we call any SSL enabled service from Jdeveloper we get SSL handshake error something like pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable to find valid certification path to requested target.

Solution

For this firstly we need to identify which is the trust keystore for local integrated server .For this start local weblogic server and go to default server à keystores as shown in below screenshot.

Here you can find path of trust keystore used by integrated server of Jdeveloper.


Go to trust keystore  path mentioned in above screenshot .In my case it is C:\Oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks 

Now we need to import the SSL certificate of webservice we are calling on above JKS .So step 1 would be to download the SSL certificate of webservice we are trying to call which can be done using below command.

1.      openssl s_client -servername abc.webservicehost.ent -connect abc.webservicehost.ent:8243 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > abc.crt

certificate gets downloaded with name abc.crt

(install open ssl for windows if it is not installed)

2.      Now we need to add this certificate in DemoTrust.jks .password for this jks is “DemoTrustKeyStorePassPhrase”.This you can either do this by installing keystore explorer in windows or using command below

a.      Using keystore explorer open DemoTrust.jks it will ask for password which is DemoTrustKeyStorePassPhrase.

b.      Once open go  to tools and click import certificate and select certificate downloaded in step1 above i.e. abc.crt

c.      Using command, you can do as below. Go to JDK home in your windows and execute below command

      keytool -import -keystore C:\Oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase  -file abc.crt -alias webservicecertalias

 


Now restart Integrated weblogic server of Jdeveloper and run the webservice call again.You will not see any SSL handshake error. 



 

 

           


By at
Labels: ,

2 comments:

Subscribe to: Post Comments (Atom)