We are developing an application in java and since a few weeks ago we have a problem that we are not able to solve.
This is a call to a webservice to obtain a series of data with certificates.
We have followed the following steps for the creation of the artifacts and the subsequent call
We launched the wsimport command in the windows cmd
wsimport -keep https://xxx/xxx/xxx.svc?singleWsdl -s C:\Users\mvelasco\Documents\xx\xxxx\src\main\java -Xauthfile C:\Users\mvelasco\authwsdl.txt
It generates a series of classes with the structures of the ws and the datacontract. 
We have imported the certificates
keytool -importcert -keystore "C:\Program Files\java\jdk1.7.0_60\jre\lib\security\cacerts" -file <ruta certificados> -alias x
We have created a class with the following ws call method
private static void llamadaAlServicio() {
IDocumentosService port = (new DocumentosService())
.getBasicHttpBindingIDocumentosService();
BindingProvider prov = (BindingProvider) port;
log.error("Username: "+ContextProperties.getAsiturWsUsuario());
log.error("Password: " +ContextProperties.getAsiturWsPassword());
prov.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
ContextProperties.getAsiturWsUsuario());
prov.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
ContextProperties.getAsiturWsPassword());
ArrayOfAttachmentDTO arrAttachmentDTO = port
.getAllAttachments("1234567");
}
The DocumentService class is generated by JAX-WS
@WebServiceClient(name = "DocumentosService", targetNamespace = "http://tempuri.org/", wsdlLocation = "https://xxx/xxx/xxx.svc?singleWsdl")
public class DocumentosService
extends Service
{
private final static URL DOCUMENTOSSERVICE_WSDL_LOCATION;
private final static WebServiceException DOCUMENTOSSERVICE_EXCEPTION;
private final static QName DOCUMENTOSSERVICE_QNAME = new QName("http://tempuri.org/", "DocumentosService");
static {
URL url = null;
WebServiceException e = null;
try {
url = new URL("https://xxx/xxx/xxx.svc?singleWsdl");
} catch (MalformedURLException ex) {
e = new WebServiceException(ex);
}
DOCUMENTOSSERVICE_WSDL_LOCATION = url;
DOCUMENTOSSERVICE_EXCEPTION = e;
}
public DocumentosService() {
super(__getWsdlLocation(), DOCUMENTOSSERVICE_QNAME);
}
public DocumentosService(WebServiceFeature... features) {
super(__getWsdlLocation(), DOCUMENTOSSERVICE_QNAME, features);
}
public DocumentosService(URL wsdlLocation) {
super(wsdlLocation, DOCUMENTOSSERVICE_QNAME);
}
public DocumentosService(URL wsdlLocation, WebServiceFeature... features) {
super(wsdlLocation, DOCUMENTOSSERVICE_QNAME, features);
}
public DocumentosService(URL wsdlLocation, QName serviceName) {
super(wsdlLocation, serviceName);
}
public DocumentosService(URL wsdlLocation, QName serviceName, WebServiceFeature... features) {
super(wsdlLocation, serviceName, features);
}
/**
*
* @return
* returns IDocumentosService
*/
@WebEndpoint(name = "BasicHttpBinding_IDocumentosService")
public IDocumentosService getBasicHttpBindingIDocumentosService() {
return super.getPort(new QName("http://tempuri.org/", "BasicHttpBinding_IDocumentosService"), IDocumentosService.class);
}
/**
*
* @param features
* A list of {@link javax.xml.ws.WebServiceFeature} to configure on the proxy. Supported features not in the <code>features</code> parameter will have their default values.
* @return
* returns IDocumentosService
*/
@WebEndpoint(name = "BasicHttpBinding_IDocumentosService")
public IDocumentosService getBasicHttpBindingIDocumentosService(WebServiceFeature... features) {
return super.getPort(new QName("http://tempuri.org/", "BasicHttpBinding_IDocumentosService"), IDocumentosService.class, features);
}
private static URL __getWsdlLocation() {
if (DOCUMENTOSSERVICE_EXCEPTION!= null) {
throw DOCUMENTOSSERVICE_EXCEPTION;
}
return DOCUMENTOSSERVICE_WSDL_LOCATION;
}
}
4.The PROBLEM is that from our machines in local windows we get the ws to respond correctly with this implementation. However, when we went into pre-production environments under Linux, we could not connect. The trace that appears is the following
2018-02-21 18: 35: 15,614 [Thread-22] [WARN] (com.sun.xml.internal.ws.wspolicy.EffectiveAlternativeSelector: 255) - > WSP0075: Policy assertion "{ link } BasicAuthentication" was evaluated as "UNKNOWN". 2018-02-21 18: 35: 15,615 [Thread-22] [ WARN] (com.sun.xml.internal.ws.wspolicy.EffectiveAlternativeSelector: 255) - > WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN". 2018-02-21 18: 35: 15,666 [Thread-22] [ERROR] (com.noaris.agis.util.DocumentosServiceUtil: 116) - > Usernamejavax.xml.ws.security.auth.username 2018-02-21 18: 35: 15,667 [Thread-22] [ERROR] (com.noaris.agis.util.DocumentosServiceUtil: 117) - > Passwordjavax.xml.ws.security.auth.password 2018-02-21 18: 35: 15,667 [Thread-22] [ERROR] (com.noaris.agis.util.DocumentosServiceUtil: 44) - > Call the GetAttachment service with the data: 593718000029818 2018-02-21 18: 35: 15,741 [Thread-22] [ERROR] (com.noaris.agis.util.DocumentosServiceUtil: 63) - > HTTP transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 2018-02-21 18: 35: 15,742 [Thread-22] [ERROR] (com.noaris.agis.screens.expedientes.DetalleExpediente_DocumentacionVM: 1040) - > Unexpected error during the obtaining of data from the DocumentsService service for the file593718000029818 com.noaris.agis.exception.BusinessException at com.noaris.agis.util.DocumentosServiceUtil.getComunicaciones (DocumentosServiceUtil.java:65) at com.noaris.agis.screens.expedientes.DetalleExpediente_DocumentacionVM $ DocumentosServiceThread.run (DetalleExpediente_DocumentacionVM.java:1028)
The certificates in the preproduction machines are well installed in the java jacks. Therefore the exception unable to find valid certification path to requested target , we can not understand why it is launched.
On the other hand, two warn "UNKNOWN" appear when you enter the DocumentService class. We think that maybe this may be because when we enter the wsdl we need to get credit in advance. In this case we do not know how to insert the username and password before calling the wsdl ... if necessary.
We have been stuck with this problem for weeks. Any kind of help would be appreciated. Greetings and thanks