0

I'm trying to connect to https url - https://rtpubcommission.api.cj.com/wsdl/version2/realtimeCommissionServiceV2.wsdl

But getting the errors (listed only chain of errors, without full stacktrace):

com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
Caused by: java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled
Caused by: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled

Here is my code:

private void processCommonRequest(String url, HashMap<String, String> params) throws Exception {
    URL endpoint = new URL(url);

    //MessageDigest md = MessageDigest.getInstance("MD5"); 

    //System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
    //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

    // Create SOAP connection
    SOAPConnectionFactory scf = SOAPConnectionFactory.newInstance();
    SOAPConnection connection = scf.createConnection();

    // Create a message from the message factory.
    MessageFactory mf = MessageFactory.newInstance();
    SOAPMessage msg = mf.createMessage();

    // Get the SOAP Part from the message
    SOAPPart soapPart = msg.getSOAPPart();

    // Get the SOAP Envelope from the SOAP Part
    SOAPEnvelope envelope = soapPart.getEnvelope();
    envelope.addNamespaceDeclaration("SOAP-ENC", "http://schemas.xmlsoap.org/soap/encoding/");
    envelope.addNamespaceDeclaration("xsd", "http://www.w3.org/1999/XMLSchema");
    envelope.addNamespaceDeclaration("xsi", "http://www.w3.org/1999/XMLSchema-instance-instance");
    envelope.addNamespaceDeclaration("tns", "http://api.cj.com");
    envelope.setEncodingStyle("http://schemas.xmlsoap.org/soap/encoding/");
    // Remove empty header from the Envelope
    envelope.getHeader().detachNode();

    // Create a soap body from the Envelope.
    SOAPBody body = envelope.getBody();
    body.addNamespaceDeclaration("soap-env", "http://schemas.xmlsoap.org/soap/encoding/");

    // SOAPBodyElement item = body.addBodyElement(envelope.createName("GeScore") );
    SOAPBodyElement item = body.addBodyElement(envelope.createName(
            "GeScore", "soap-env", "http://schemas.xmlsoap.org/soap/encoding/"));

    for (String keyMap : params.keySet()) {
        addItem(envelope, keyMap, params.get(keyMap), item);
    }

    System.out.println("\nContent of the message: \n"); // FIXME
    msg.writeTo(System.out);

    // Send the SOAP message and get reply
    System.err.println("\nSending message to URL: " + endpoint); // XXX
    SOAPMessage reply = connection.call(msg, endpoint);

  // ... nevermind what later ... .call function throws error ....

    connection.close();
}
Improve this question
1

1 Answer 1

Reset to default
1

The MD2 is not secure any more, so Sun disabled its use in certification path validation. In the Release Notes of security update 6u17, http://java.sun.com/javase/6/webnotes/6u17.html, it is said that the vulnerability is addressed, "6861062: Disable MD2 in certificate chain validation".

You could either run your code on older version of JRE (before 6u17) or try latest version instead, as there are some reports that it might work (https://forums.oracle.com/forums/thread.jspa?threadID=1237743).

Alternatively you could try to use custom TrustManager, although it's not recommended if security is important for you.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.