Spring Integration WS outbound gateway SSL

0
votes

We have an external soap service and the below works

<bean id="WSACallbackKlen" class="nbr.ei.util.LctionCallback">
        <constructor-arg index="0" value="http://serviations.bnst.n/toezicht/ka/km/KkService/tnRequest"></constructor-arg>
        <constructor-arg index="1" value="http://servtions.bnst.n.tst.st3/toet/ka/km/Kervice"></constructor-arg>
    </bean> 
    <int:chain input-channel="kkChannel" output-channel="dest-channel">
        <ws:header-enricher>       
            <ws:soap-action value="http://servicons.belt.n/toet/ka/kk/KKserice/tnRequest"/>
        </ws:header-enricher>           
        <ws:outbound-gateway uri="http://bb-k1.ts.nst.n/wsb/router" request-callback="WSACallbackKlen" message-sender="kkMsageSender"/>
    </int:chain>

It was made secure and so updated uri in outbound gateway to uri="https://bb-k1.ts.nst.n/wsb/router"

Error when doing integration testing with spring context -

org.springframework.ws.client.WebServiceIOException: I/O error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:561)
at org.springframework.integration.ws.SimpleWebServiceOutboundGateway.doHandle(SimpleWebServiceOutboundGateway.java:98)
..

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)

How to create ws:outbound-gateway work for https type? I dont know how to specify certificate, if required

1
spring-integration
>I tried message-factory, but getting error. - edit the question to show that configuration and the actual exception you are seeing.Gary Russell

1 Answers

1
votes

To handle SSL on client side you need to use a HttpsUrlConnectionMessageSender or HttpComponentsMessageSender and really have appropriate client sertificates in the cacerts store.

See https://www.baeldung.com/java-ssl for more info.

Also you can borrow some info from the Spring WS Docs: https://docs.spring.io/spring-ws/docs/3.0.4.RELEASE/reference/#security

There is nothing special to do from the Spring Integration perspective.