How to generate client code using wsdl2java through https?

Question

I'm using Tomcat 6 and CXF 3 to implement some web services. I need to generate client code by using wsdl2java command on my local server. And it works on http protocol:

wsdl2java -frontend jaxws21 -p com.activenetwork.iam.ws.client -d "D:\devtools\workspace\TestClient\src" -encoding utf-8 -client -V http://localhost:8080/IAM/services/employee?wsdl

But, after i updated the server to https protocal, the command doesn't work anymore

wsdl2java -frontend jaxws21 -p com.activenetwork.iam.ws.client -d "D:\devtools\workspace\TestClient\src" -encoding utf-8 -client -V https://localhost:8443/IAM/services/employee?wsdl

I got below error:

Loading FrontEnd jaxws21 ...
Loading DataBinding jaxb ...
wsdl2java -frontend jaxws21 -p com.activenetwork.iam.ws.client -d D:\devtools\workspace\TestClient\src -encoding utf-8 -client -V https://localhost:8443/IAM/services/employee?wsdl
wsdl2java - Apache CXF 3.0.0-milestone2


WSDLToJava Error: org.apache.cxf.wsdl11.WSDLRuntimeException: FAIL_TO_CREATE_WSDL_DEFINITION

org.apache.cxf.tools.common.ToolException: org.apache.cxf.wsdl11.WSDLRuntimeException: FAIL_TO_CREATE_WSDL_DEFINITION
        at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:420)
        at org.apache.cxf.tools.common.toolspec.ToolRunner.runTool(ToolRunner.java:103)
        at org.apache.cxf.tools.wsdlto.WSDLToJava.run(WSDLToJava.java:113)
        at org.apache.cxf.tools.wsdlto.WSDLToJava.run(WSDLToJava.java:86)
        at org.apache.cxf.tools.wsdlto.WSDLToJava.main(WSDLToJava.java:184)
Caused by: org.apache.cxf.wsdl11.WSDLRuntimeException: FAIL_TO_CREATE_WSDL_DEFINITION
        at org.apache.cxf.tools.wsdlto.core.WSDLDefinitionBuilder.parseWSDL(WSDLDefinitionBuilder.java:99)
        at org.apache.cxf.tools.wsdlto.core.WSDLDefinitionBuilder.build(WSDLDefinitionBuilder.java:71)
        at org.apache.cxf.tools.wsdlto.frontend.jaxws.wsdl11.JAXWSDefinitionBuilder.build(JAXWSDefinitionBuilder.java:83)
        at org.apache.cxf.tools.wsdlto.frontend.jaxws.wsdl11.JAXWSDefinitionBuilder.build(JAXWSDefinitionBuilder.java:60)
        at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.processWsdl(WSDLToJavaContainer.java:198)
        at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:164)
        at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:412)
        ... 4 more
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'https://localhost:8443/IAM/services/employee?wsdl'.: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unableto find valid certification path to requested target
        at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2198)
        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2390)
        at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2422)
        at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:217)
        at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:156)
        at org.apache.cxf.tools.wsdlto.core.WSDLDefinitionBuilder.parseWSDL(WSDLDefinitionBuilder.java:80)
        ... 10 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
        at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:676)
        at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:772)
        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
        at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
        at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:232)
        at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:284)
        at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2188)

        ... 15 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
        at sun.security.validator.Validator.validate(Validator.java:218)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188)
        ... 34 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
        ... 40 more

It looks this is a certificate problem. I'm not familiar with this, can someone point me out how to solve this problem?

Answer 1

Modify your wsdl2java.bat file to pass on keystore file and password to jvm which would look something like below

"%JAVA_HOME%\bin\java" -Djavax.net.ssl.trustStore="{keystorefile}" -Djavax.net.ssl.trustStorePassword="{password}" -Djavax.net.ssl.keyStoreType="jks" -Dorg.jboss.security.ignoreHttpsHost="true" -Xmx128M -Djava.endorsed.dirs="%CXF_HOME%\lib\endorsed" -cp "%CXF_JAR%;%TOOLS_JAR%;%CLASSPATH%" -Djava.util.logging.config.file="%CXF_HOME%\etc\logging.properties" org.apache.cxf.tools.wadlto.WADLToJava %*

The other option is import certificate to your jdks jdk's security directory using keytool

Answer 2

Below code works for me. Add in pom.xml

<!-- plug in for wsdl to java -->
<plugin>
    <groupId>org.codehaus.mojo</groupId>
    <artifactId>properties-maven-plugin</artifactId>
    <version>1.0-alpha-2</version>
    <executions>
        <execution>
        <goals>
        <goal>set-system-properties</goal>
        </goals>
        <configuration>
            <properties>
            <property>
                <name>javax.net.ssl.keyStore</name>
                <value>/path/to/keysore.jks</value>
            </property>
            <property>
                <name>javax.net.ssl.keyStoreType</name>
                <value>jks</value>
            </property>
            <property>
                <name>javax.net.ssl.keyStorePassword</name>
                <value>changeit</value>
            </property>
            </properties>
        </configuration>
        </execution>
    </executions>
</plugin>

<plugin>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-codegen-plugin</artifactId>
    <version>3.2.6</version>
    <executions>
        <execution>
            <id>generate-sources</id>
            <phase>generate-sources</phase>
            <configuration>
                <sourceRoot>${basedir}/src/main/java</sourceRoot>
                <wsdlOptions>
                    <wsdlOption>
                        <wsdl>https://example.com/test/WebService?wsdl</wsdl>

                        <!-- to change package name -->
                        <extraargs>
                            <extraarg>-p</extraarg>
                            <extraarg>namespace/name/in/swdl=in.new.package.name</extraarg>
                        </extraargs>
                        <!-- to change package name -->
                    </wsdlOption>
                </wsdlOptions>
            </configuration>
            <goals>
                <goal>wsdl2java</goal>
            </goals>
        </execution>
    </executions>
</plugin>
<!-- plug in for wsdl to java -->

Answer 3

Your Keystore doesn't have the valid certification to access the link, that's why you are facing this error. To solve this, follow the steps given in this link https://confluence.atlassian.com/kb/connecting-to-ssl-services-802171215.html

I followed the steps for Command Line Installation in the above link, and it worked for me