NetBeans: How to create a web service client that consumes a SSL protected Metro service?

java web-services ssl wsit

14,213

Answer found here:

You have to run NetBeans with the following options:

<NETBEANS_HOME>/bin/netbeans.exe
-J-Djavax.net.ssl.trustStore=<AS_HOME>/domains/domain1/config/cacerts.jks 
-J-Djavax.net.ssl.keyStore=<AS_HOME>/domains/domain1/config/keystore.jks 
-J-Djavax.net.ssl.trustStorePassword=changeit 
-J-Djavax.net.ssl.keyStorePassword=changeit

I actually set those in <NETBEANS_HOME>/etc/netbeans.conf, in netbeans_default_options. I still got an error though, this just resulted that I am able to generate client code for SSL protected services. Running a simple WS call results in this:

EDIT IMPORTANT The following only happens if you are using the older JAX-WS libraries!

Exception in thread "main" javax.xml.ws.WebServiceException: Cannot find 'https://localhost:8181/myApp/myService?wsdl' wsdl. Place the resource correctly in the classpath.

This can be solved by setting the clients DATASTOREWS_WSDL_LOCATION property with a method like this:

private static URL getURL() {
    try {
        return new URL("https://localhost:8181/myApp/myService?wsdl");
    } catch (MalformedURLException ex) {
        Logger.getLogger(DataStoreWS_Service.class.getName()).log(Level.SEVERE, null, ex);
        return null;
    }
}

This is needed only if you generate it for a simple Java Application, because the generated client code differs for Java Web Application. Also, I just couldn't get it working with a fully qualified hostname, like my local IP. The only thing that worked was localhost. One important thing: Don't forget to bundle the same Metro libraries as on the service side! NB bug report.

14,213

Author by

Daniel Szalay

Hello there :) I am a software engineer with experience in developing applications based on Java SE & EE. On top of my team first mentality, I have a passion for composing systems that resemble fine clockwork, with an open mind for new concepts and technologies. Operating with attention to detail, I produce well-structured, maintainable code that follows coding conventions. When I'm off the keyboard I am usually practicing the same multidisciplinary approach through running and cycling.

Updated on June 04, 2022

Comments

Daniel Szalay almost 2 years

I am trying to add a web service reference to my application in NetBeans 7.0.1. The Metro webservice is protected with SSL and is hosted on the same computer that I want to run the client on. I am using the 'New Web Service Client' wizard, but when I submit an SSL protected WSDL, I get the following error message:

Problem with downloading wsdl or schema file.

Check the URL, proxy settings, or whether the server is running.

URL: https://192.168.0.200:8181/MyApp/myService?wsdl

Metro User Guide - To Secure the Example Web Service Client Application (SSL) states:

In the step where you are directed to cut and paste the URL of the web service that you want the client to consume into the WSDL URL field, type https :// fully-qualified-hostname:8181 /CalculatorApplication/CalculatorWSService?wsdl (changes indicated in bold) to indicate that this client should reference the web service using the secure port. The first time you access this service, accept the certificate (s1as) when you are prompted. This is the server certificate popping up to confirm its identity to the client.

In some cases, you might get an error dialog telling you that the URL https:// fully-qualified-hostname :8181/CalculatorApplication/CalculatorWSService?wsdl couldn't be downloaded. However, this the correct URL, and it does load when you run the service. So, when this error occurs, repeat the steps that create the Web Service Client using the secure WSDL. The second time, the web service reference is created and you can continue creating the client.

No matter how many times I try I still get the same error message (there are no proxies set and the server is running with the services deployed). The WSDL gets displayed in browser after accepting the certificate. If I enter the basic WSDL URL (the one without HTTPS), the wizard accepts it and generates the client. What do I need to do to get this work?

UPDATE

The same applies if I run client and service on different machines. I am using the default development certificate. Retriever output:

Error: An I/O error occured. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target`

Do I have to set keytore and truststore in VMargs? What if I want to have this service reference in the same web application that contains the web services?