Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
Hie,
I wrote a java code which connects to Salesforce and updates a value in there, Its is working well and good when i run it from my local system as a standalone java application but my main goal is to take that as a java component in filenet BPM workflow , so when the workflow process gets to this java component then it throws a error as the title
the entire stack stack trace is as follows
com.sforce.ws.ConnectionException: Failed to send request to https://login.salesforce.com/services/Soap/c/24.0/0DF90000000PX8r
at com.sforce.ws.transport.SoapConnection.send(SoapConnection.java:129)
at com.sforce.soap.enterprise.EnterpriseConnection.login(EnterpriseConnection.java:1052)
at com.sforce.soap.enterprise.EnterpriseConnection.<init>(EnterpriseConnection.java:399)
at salesforceupdate.SalesForceUpdate.main(SalesForceUpdate.java:70)
at salesforceupdate.Callin.UpdateSL(Callin.java:19)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at filenet.vw.integrator.adaptors.java.VWJavaAdaptor.execute(VWJavaAdaptor.java:426)
at filenet.vw.integrator.base.VWAdaptorEx$AdaptorAction.run(VWAdaptorEx.java:120)
at java.security.AccessController.doPrivileged(AccessController.java:284)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:727)
at filenet.vw.integrator.base.VWAdaptorEx.run(VWAdaptorEx.java:360)
Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.ibm.jsse2.n.a(n.java:42)
at com.ibm.jsse2.tc.a(tc.java:96)
at com.ibm.jsse2.tc.a(tc.java:340)
at com.ibm.jsse2.tc.a(tc.java:555)
at com.ibm.jsse2.tc.a(tc.java:510)
at com.ibm.jsse2.tc.startHandshake(tc.java:381)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:151)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:64)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1024)
at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.java:51)
at com.sforce.ws.transport.JdkHttpTransport.connectRaw(JdkHttpTransport.java:115)
at com.sforce.ws.transport.JdkHttpTransport.connect(JdkHttpTransport.java:79)
at com.sforce.ws.transport.SoapConnection.send(SoapConnection.java:107)
... 13 more
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.ibm.jsse2.util.e.<init>(e.java:117)
at com.ibm.jsse2.util.d.a(d.java:20)
at com.ibm.jsse2.hc.a(hc.java:58)
at com.ibm.jsse2.hc.checkServerTrusted(hc.java:88)
at filenet.ws.utils.jsse.FnTrustManager.checkServerTrusted(FnTrustManager.java:156)
at com.ibm.jsse2.hb.a(hb.java:382)
at com.ibm.jsse2.hb.a(hb.java:23)
at com.ibm.jsse2.gb.n(gb.java:295)
at com.ibm.jsse2.gb.a(gb.java:269)
at com.ibm.jsse2.tc.a(tc.java:347)
at com.ibm.jsse2.tc.g(tc.java:416)
at com.ibm.jsse2.tc.a(tc.java:60)
... 21 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:287)
at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:143)
at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:101)
at com.ibm.jsse2.util.e.<init>(e.java:17)
... 32 more
I have googled everything regarding this error and generated a .crt file of the domain and created a keystore file and mentioned that in my code
System.setProperty("javax.net.ssl.trustStore","C:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\bin\\secure.ts");
System.setProperty("javax.net.ssl.trustStorePassword", "xxxxx");
By the way i even modified key managemnet and certificates in WAS console
But I keep on getting the same error..Don't know what to do , Any help would be great
Thanks in Advance
Answer
This error message usually means that your specified truststore can not be read. What I would check:
- Is the path correct? (I'm sure you checked this...)
- Has the user who started the JVM enough access privileges to read the trustore?
- When do you set the system properties? Are they already set when the webservice is invoked?
- Perhaps another component has overridden the values. Are the system properties still set when the webservice is invoked?
- Does the trustore contains the Salesforce certificate and is the file not corrupt (e.g. check with
keytool -list)?
Edit:
- Don't use
System.setPropertybut set the options when starting the Java process with-Djavax.net.ssl.XXX. The reason for this advice is as follows: The IBM security framework may read the options before you set the property (e.g. in astaticblock of a class). Of course this is framework specific and may change from version to version.