SSL issue deploying REST project on SOA 12c

Issue:

summary=<summary>oracle.fabric.common.FabricInvocationException: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target</summary>

Thoughts:

The certificate provided by the service invoked is not available in the trust store.

From my previous experiences using SOA, there are two main certificate truststores

1- Weblogic level, which can be configured using weblogic console
2- Java level, which can configured using JVM arguments during startup

However, importing the certificates in both the trust stores did not solve my issue. On enabling ssl debugging using "-Djavax.net.debug=all" in WebLogic startup arguments I observed that when the service is invoked, SOA is loading only a couple of trusted cerrtificates during my invocation.

CN=CertGenCA,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US.

CN=CertGenCAB,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US.

On googling noticed that these two are the only certificates available in OPSS trust keystore which is being used.

On adding my certificate to OPSS trust keystore, I no longer faced the issue.

Comments

Popular posts from this blog

weblogic.socket.NIOSocketMuxer$2 cannot be cast to javax.net.ssl.SSLSocket - OUAF application

Invalid file name for use with -Xloggc: Filename can only contain the characters [A-Z][a-z][0-9]-_.%[p|t]