I am trying to connect to a secured web socket to consume a API. Below is the source code. Hosting environment configuration is JRE 1.7 and Tomcat 7.
import java.net.URI;
import javax.websocket.ClientEndpoint;
import javax.websocket.CloseReason;
import javax.websocket.ContainerProvider;
import javax.websocket.OnClose;
import javax.websocket.OnMessage;
import javax.websocket.OnOpen;
import javax.websocket.Session;
import javax.websocket.WebSocketContainer;
import org.apache.log4j.Logger;
@ClientEndpoint
public final class SocketRateFeed
{
private static final Logger logger = Logger.getLogger(SocketRateFeed.class);
private Session sessionWS;
public static void startContainer()
{
try
{
URI wsURI = new URI("wss://websocket.abc.xyz/?api_key=qwerty&user_id=ASDF");
WebSocketContainer container = ContainerProvider.getWebSocketContainer();
container.connectToServer(new SocketRateFeed() , wsURI);
}
catch(Exception exp)
{
logger.error(exp.getMessage() , exp);
}
}
....other annotated methods
}
This is stack trace.
28-02-2017 11:24:37 localhost-startStop-1 ERROR SocketRateFeed.startContainer(30) : The HTTP request to initiate the WebSocket connection failed
javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:325)
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:166)
............
Caused by: java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:511)
at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:291)
... 17 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1395)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:516)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1193)
at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1165)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:371)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1702)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:281)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1477)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:901)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:899)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1333)
at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:397)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:138)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1464)
... 7 more
Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:159)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:353)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:191)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279)
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345)
... 13 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sat May 21 17:56:00 IST 2016
at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:273)
at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:576)
at sun.security.provider.certpath.BasicChecker.verifyTimestamp(BasicChecker.java:184)
at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:136)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:133)
... 17 more
I would be very helpful if anyone can provide solution/workaround or bypass trick for this issue. Thanks.
CertificateExpiredException: NotAfter: Sat May 21 17:56:00 IST 2016
Why you do not renew it? – Toffey