I wrote a webservice client and now fail to get it to run through https. Although I imported the cert.pfx(alias=cert) into javas cacerts and succesfully added an entry with the certs alias.
Still i cant use the wsimport prompt on the wsdl url. It says: PKIX path building failed unable to find valid certification path to requested target. Well okay. So i researched a bit and tried setting it with
setlocal set _JAVA_OPTIONS=%_JAVA_OPTIONS%
-Djavax.net.ssl.trustStore="C:\Program Files\Java\jdk1.7.0_79\jre\lib\security\cacerts"
-Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.keyStorePassword=xxxxxxxxx -Djavax.net.ssl.keyStore="d:\cert.pfx" "C:\Program Files\Java\jdk1.7.0_79\bin\wsimport" -s C:\Users\me\keystore\bin\s
-keep https://service.xxxxxxxxxxx.de/xxxxxxxxxxxxTest?wsdl endlocal
without success.
I also tried exporting the certificate out of the cert.pfx file and then importing the certificate into cacerts via keytool -exportcert and keytool -importcert. Later I tried exporting the certificates from my browser (because my browser handles the certificates just fine and can access the https url). I exported the root certificate into a root.cer file and imported this .cer into my cacerts (I had to use a different alias than cert. With cert as alias i got a "Keys not matching" message in the console when using the keytool prompt).
A dump on cacerts shows that there is indeed an entry in cacerts. I dont get why java refuses to do a wsimport on the url.
In the end i just downloaded the url destination onto my machine and did the wsimport on the downloaded .xml-file and later changed the url parameters in the generated stubs. Doesnt help though, because when i run the application im running into the "PKIX...unable to find valid certification path to requested target" error.