Mule SOAP вызывается через SSL-результат «не удалось найти допустимый путь сертификации для запрошенной цели»

Question

У меня возникла проблема с активацией потока мула, который использует пользователя веб-службы, чтобы попасть в службу SOAP, работающую через HTTP. Вот моя конфигурация:

<https:connector name="httpsConnector" doc:name="HTTP-HTTPS"> 
    <https:tls-key-store path="keystore.jks" keyPassword="****" storePassword="****"/> 
</https:connector> 
<ws:consumer-config name="Web_Service_Consumer" wsdlLocation="https://sm1.actions.aclu.org:7443/sm/services/mailing/v2?wsdl" service="MailingService" port="MailingServicePort" serviceAddress="https://sm1.actions.aclu.org:7443/sm/services/mailing/v2" doc:name="Web Service Consumer" connector-ref="httpsConnector"> 
    <ws:security> 
     <ws:wss-username-token username="muleapi" password="k%t5mSZRgWsAjGwq" passwordType="TEXT" addCreated="true" addNonce="true"/> 
    </ws:security> 
</ws:consumer-config> 
<flow name="soaptestFlow"> 
    <poll doc:name="Poll"> 
     <ws:consumer config-ref="Web_Service_Consumer" operation="list" doc:name="Web Service Consumer" /> 
    </poll> 
    <mulexml:xml-to-object-transformer mimeType="application/java" doc:name="XML to Obj"/> 
    <logger message="extracted data: #[payload]" level="INFO" doc:name="Logger"/> 
</flow> 

Хранилище ключей сгенерированы и помещены в каталоге ресурсов проекта. Я также импортировал сертификат для сервера, к которому я пытаюсь связаться.

Ошибки я получаю это:

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) ~[?:1.7.0_80] 
    at java.security.cert.CertPathBuilder.build(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.validator.Validator.validate(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.Handshaker.processLoop(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.Handshaker.process_record(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[?:1.7.0_80] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[?:1.7.0_80] 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) ~[?:1.7.0_80] 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) ~[?:1.7.0_80] 
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) ~[?:1.7.0_80] 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) ~[?:1.7.0_80] 
    at java.net.URL.openStream(Unknown Source) ~[?:1.7.0_80] 
    at com.ibm.wsdl.util.StringUtils.getContentAsInputStream(StringUtils.java:158) ~[wsdl4j-1.6.3.jar:1.6.3] 
    at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2270) ~[wsdl4j-1.6.3.jar:1.6.3] 
    at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2239) ~[wsdl4j-1.6.3.jar:1.6.3] 
    at org.mule.module.ws.consumer.WSConsumer.parseWsdl(WSConsumer.java:356) ~[mule-module-ws-3.7.2.jar:3.7.2] 
    at org.mule.module.ws.consumer.WSConsumer.initialise(WSConsumer.java:91) ~[mule-module-ws-3.7.2.jar:3.7.2] 
    at org.mule.endpoint.DefaultInboundEndpoint.createMessageProcessorChain(DefaultInboundEndpoint.java:172) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.endpoint.AbstractEndpoint.getMessageProcessorChain(AbstractEndpoint.java:521) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.endpoint.DefaultInboundEndpoint.start(DefaultInboundEndpoint.java:100) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.AbstractFlowConstruct.startIfStartable(AbstractFlowConstruct.java:325) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.AbstractPipeline.doStart(AbstractPipeline.java:353) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.Flow.doStart(Flow.java:90) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.AbstractFlowConstruct$2.onTransition(AbstractFlowConstruct.java:136) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.AbstractFlowConstruct$2.onTransition(AbstractFlowConstruct.java:132) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.AbstractLifecycleManager.invokePhase(AbstractLifecycleManager.java:138) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.FlowConstructLifecycleManager.fireStartPhase(FlowConstructLifecycleManager.java:92) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.construct.AbstractFlowConstruct.start(AbstractFlowConstruct.java:131) ~[mule-core-3.7.2.jar:3.7.2] 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.7.0_80] 
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:1.7.0_80] 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:1.7.0_80] 
    at java.lang.reflect.Method.invoke(Unknown Source) ~[?:1.7.0_80] 
    at org.mule.lifecycle.phases.DefaultLifecyclePhase.applyLifecycle(DefaultLifecyclePhase.java:237) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.RegistryLifecycleCallback.doApplyLifecycle(RegistryLifecycleCallback.java:91) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.RegistryLifecycleCallback.onTransition(RegistryLifecycleCallback.java:67) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.RegistryLifecycleManager.invokePhase(RegistryLifecycleManager.java:140) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.RegistryLifecycleManager.fireLifecycle(RegistryLifecycleManager.java:111) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.registry.AbstractRegistryBroker.fireLifecycle(AbstractRegistryBroker.java:88) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.registry.MuleRegistryHelper.fireLifecycle(MuleRegistryHelper.java:141) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.MuleContextLifecycleManager$MuleContextLifecycleCallback.onTransition(MuleContextLifecycleManager.java:91) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.MuleContextLifecycleManager$MuleContextLifecycleCallback.onTransition(MuleContextLifecycleManager.java:87) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.MuleContextLifecycleManager.invokePhase(MuleContextLifecycleManager.java:69) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.lifecycle.MuleContextLifecycleManager.fireLifecycle(MuleContextLifecycleManager.java:61) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.DefaultMuleContext.start(DefaultMuleContext.java:294) ~[mule-core-3.7.2.jar:3.7.2] 
    at org.mule.module.launcher.application.DefaultMuleApplication.start(DefaultMuleApplication.java:134) ~[mule-module-launcher-3.7.2.jar:3.7.2] 

Answer 1

Если ваше приложение является потребителем вам не нужно определить хранилище ключей, вместо того, чтобы определить доверенные сертификаты или просто добавить сертификат сервера в JRE cacert, который является default truststore.

Вы можете получить некоторую помощь с этим сообщений: Unable to find valid certification path to requested target - error even after cert imported

What is difference between cacerts and keystore

Cheers,