cancel
Showing results for 
Search instead for 
Did you mean: 

SunCertPathBuilderException - Import SSL certificate in Netweaver Java

former_member190085
Participant
0 Kudos

Hi Experts,

      I have to make a http call to a third party url with https (Eg., https://<exthost>/path/example) from the application server Java. So, i implemented the below code.

CloseableHttpClient httpClient = HttpClients.createDefault();

  //HttpPost postRequest = new HttpPost(UtilMethods.getEzPayRegisterUrl(request));

  HttpPost req = new HttpPost("https://host/path/example");

  HttpResponse ezpayResponse = httpClient.execute(req);

On deploying this code in a web module project and running it, I'm getting the below exception in the logs.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

On browsing about this exception, I found that it required the certificate to be added to the trusted store of the server. So, i got the certificate by opening this third party url in the browser and copied the certificate to a file (X509 .cer). And, under NWA->Configuration->Security->Certificate and Keys, I imported the certificates for the view 'TrustedCAs'. But, still i face the same issue.

Am I missing something here? Kindly help me in this regard.

Thanks & Regards

Vijay.K

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

What is the version of your AS Java? You need to use Destination Service API.

former_member190085
Participant
0 Kudos

Hi Roman,

     Thanks, this approach helped me. Actually, i expected to get some answers for why my approach didn't work, which i still don't know, but the approach of creating HTTP destination in NWA and using Destination service to get it worked without giving any SSL issue. I didn't have to add any certificate at all.

So, I assume that there is some problem in using Apache HTTP Components API in SAP Web AS java for HTTPS calls. Infact, the problem was soved just by using java.net.HttpUrlConnection and executing the URL. So, it was NOT mandatory for me to use Destination API to resolve this error, but anyway using HTTP destination in NWA is a better way than to hardcode URLs in the code.

Thanks again for the help.

Regards

Vijay.K

Former Member
0 Kudos

> Actually, i expected to get some answers for why my approach didn't work, which i still don't know, but the approach of creating HTTP destination in NWA and using Destination service to get it worked without giving any SSL issue. I didn't have to add any certificate at all.

What is your HTTP destination configuration?

> Infact, the problem was soved just by using java.net.HttpUrlConnection and executing the URL.

Can you explain a bit more your results?

former_member190085
Participant
0 Kudos

Okay, without using HTTP Destination API, we can just execute a basic HTTP call like below.

import java.io.BufferedReader;

import java.io.IOException;

import java.io.InputStreamReader;

import java.io.UnsupportedEncodingException;

import java.net.URL;

import java.net.URLConnection;

URL ezpay = new URL("https://host/path....");

URLConnection con = ezpay.openConnection();    

BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));

StringBuffer postresponse = new StringBuffer();

String inputLine;

while ((inputLine = in.readLine()) != null)

             postresponse.append(inputLine);

in.close();

Now, postresponse will have the response content as string.

Now, if we create destinations, we can get HttpURLConnection like below and execute the HTTP call in the same way, where DEST1 is the name of my http destination. In it's configuration, i choose to Ignore SSL certification and No Authentication.

import java.net.HttpURLConnection;

Context ctx = new InitialContext();

DestinationService dstService = (DestinationService)

ctx.lookup(DestinationService.JNDI_KEY);

httpDestination = (HTTPDestination)dstService.getDestination("HTTP","DEST1");

HttpURLConnection con = (HttpURLConnection)httpDestination.getURLConnection();

In using both these approaches, I didn't get the SSL certificate exception.

Regards

Vijay.K

Answers (0)