Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
597
Views
0
Helpful
0
Replies

REST Post Request causes an javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException

Chris K.
Level 1
Level 1

‎01-18-2019 12:47 AM

Hi,

 

I try to implement a task, that sends a post request from the UCS Director over https to a service, but it fails and returns the following error message:

 

Task: post_request (custom_post_request_GetToken) failed with error - java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, selectedContext=<None>

I use the following code:

 
importPackage(java.util);
importPackage(com.cloupia.lib.util);
importPackage(org.apache.commons.httpclient);
importPackage(org.apache.commons.httpclient.cookie);
importPackage(org.apache.commons.httpclient.methods);
importPackage(org.apache.commons.httpclient.auth);
importPackage(org.apache.commons.httpclient.protocol);
importClass(org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory);
importPackage(com.cloupia.lib.cIaaS.vcd.api);

var httpRequest = function () {};

httpRequest.prototype.setup = function(serverIp, serverPort, transport, username, password) {
this.serverIp = serverIp;
this.transport = transport;
this.username = username;
this.password = password;
this.serverPort = serverPort;
this.httpClient = new HttpClient();

// Decide whether to create an HTTP or HTTPS connection based up 'transport'.
if( this.transport == "https" ) {
this.httpClient = CustomEasySSLSocketFactory.getIgnoreSSLClient(this.serverIp, this.serverPort);
this.httpClient.getParams().setCookiePolicy("default");
} else {
// Create new HTTP connection.
this.httpClient.getHostConfiguration().setHost(this.serverIp, this.serverPort, "http");
}
this.httpClient.getParams().setCookiePolicy("default");

// If username and password supplied, then use basicAuth.
if( this.username && this.password ) {
this.httpClient.getParams().setAuthenticationPreemptive(true);
this.defaultcreds = new UsernamePasswordCredentials(this.username, this.password);
this.httpClient.getState().setCredentials(new AuthScope(this.serverIp, -1, null), this.defaultcreds);
}
};

httpRequest.prototype.contentType = function(contentType) {
this.contentType = contentType;
this.contentTypes = [
["xml","application/xml"],
["json","application/json"]
];

for( this.i=0; this.i<this.contentTypes.length; this.i++)
if(this.contentTypes[this.i][0] == this.contentType)
this.httpMethod.addRequestHeader("Content-Type", this.contentTypes[this.i][1]);
};

httpRequest.prototype.addHeader = function(headerName,headerValue) {
this.headerName = headerName;
this.headerValue = headerValue;
this.httpMethod.addRequestHeader(this.headerName, this.headerValue);
};

httpRequest.prototype.execute = function() {
// Connection:close is hard coded here in order to ensure that the TCP connection
// gets torn down immediately after the request. Comment this line out if you wish to
// experiment with HTTP persistence.
this.httpMethod.addRequestHeader("Connection", "close");
this.httpClient.executeMethod(this.httpMethod);
// Retrieve status code.
this.statusCode = this.httpMethod.getStatusCode();
return this.statusCode;
};

httpRequest.prototype.getRequest = function(uri) {
this.uri = uri;
// Get request.
this.httpMethod = new GetMethod(this.uri);
};

httpRequest.prototype.postRequest = function(uri,bodytext) {
this.uri = uri;
this.bodytext = bodytext;
// POST Request.
this.httpMethod = new PostMethod(this.uri);
this.httpMethod.setRequestEntity(new StringRequestEntity(this.bodytext));
};

httpRequest.prototype.getResponse = function(asType) {
this.asType = asType;
if( this.asType == "asStream" )
return this.httpMethod.getResponseBodyAsStream();
else
return this.httpMethod.getResponseBodyAsString();
};

httpRequest.prototype.deleteRequest = function(uri) {
this.uri = uri;
// Get request.
this.httpMethod = new DeleteMethod(this.uri);
};

httpRequest.prototype.disconnect = function() {
// Release connection.
this.httpMethod.releaseConnection();
};


var debug = 1;

var username = input.username;
var password = input.password;

var serverAddress = "111.222.111.222";
var serverPort = 443;
var serverProtocol = 'https';

var MAX_REFRESHES = 3;
var TOKEN_LIFETIME = 60 * 30;

var uri="/api/generatetoken";
var bodytext='';

if ( debug == 1 ) {
logger.addInfo('serverAddress: '+ serverAddress);
logger.addInfo('serverProtocol: '+ serverPort);
logger.addInfo('uri: '+ uri);
logger.addInfo('body: '+ bodytext);
}


var request = new httpRequest();

request.setup(serverAddress,serverPort,serverProtocol,username,password);

request.postRequest('https://111.222.111.222/api/generatetoken',bodytext);

request.contentType('json');

var statusCode = request.execute();
logger.addInfo("Request 1 status code: " +statusCode);

var response = request.getResponse("asString");
if ( debug == 2 ) {
logger.addInfo("Response: " + response);
}

//output.HTTPResponse=response;
//output.HTTPResponseCode=statusCode;
request.disconnect();
 
We also tested this post request with a Python script, where it worked without problems.
 
How can I get this task running? Is it possible to just ignore the certificate validation?
Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Cisco UCS X-Series Energy Efficiency Offer