Support Article
WS-Security profile of Connect-Soap is not working correctly
SA-10751
Summary
A WSDL file from a different system is provided. The end point URL is a HTTPS request. Connect-Soap is used to receive the request. A certificate in CRT format and CA_Root.jks file is provided.
User converts the CRT file into JKS format, creates a keystore rule and uploads the converted file in the keystore rule. Then the user creates a web service security profile and mentions the keystore created in keystore and truststore field in the keystore tab of security profile. On submitting the request without mentioning any security profile an error is encountered.
Error Messages
pySoapFaultReason: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target .
pyInvocationException: Java Object: javax.net.ssl.SSLHandshakeException.
Steps to Reproduce
1. Create a Connect SOAP rule
2. Using the advanced tab of the SOAP rule, configure the security profile.
3. Import the keystore file in the Keystore tab of the Security profile.
4. Using the secured service endpoint that is the service running on HTTPS, invoke the rule from an activity.
Root Cause
While executing the activity which is using Connect SOAP rule, security profile is not selected and WS security is checked.
Resolution
This issue is resolved by mentioning the security profile and unchecking the WS Security checkbox, which allows the Connect SOAP rule to use SSL to complete the handshake with the service.
Selecting the WS Security results in the usage of web service security which is another level of security and not required in this case.
Published June 29, 2015 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.