issue with the swagger validator when trying to read yaml file from https port

Comments (13)

1. 

   Sven Döring

   Do you start your application with a key- and truststore enabled with the correct key- and truststore password? That should enable reading the yaml from the https connection.

   Can you read the yaml file before initializing the Swagger Request Validator? If not the problem might not be the S-R-V.

   • 2018-07-02T19:32:12+00:00
2. 

   Moataz Nabil

   Thank you for replying and can you give me example for key- and truststore , I tried with RestAssured.useRelaxedHTTPSValidation() but not working for yaml file

   • 2018-07-03T18:15:12+00:00
3. 

   Sven Döring

   Does this help? https://github.com/rest-assured/rest-assured/issues/790

   • 2018-07-03T18:22:42+00:00
4. 

   Sven Döring

   Can you try to load the .yaml from your local resources? Just to make sure it's the connection to your https server.

   • 2018-07-03T18:27:51+00:00
5. 

   Moataz Nabil

   I was reading the yaml file from local folder in the project and there was any problems , but when change to the published url with the service the problem occurred

   • 2018-07-04T11:32:48+00:00
6. 

   Sven Döring

   Please add this to your test (I suppose it is JUnit).

       @BeforeClass
       public static void setUpSpec() {
           final TrustManager[] trustAllCerts = new TrustManager[]{
                   new X509TrustManager() {
                       public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                           return new X509Certificate[0];
                       }
   
                       public void checkClientTrusted(
                               java.security.cert.X509Certificate[] certs, String authType) {
                       }
   
                       public void checkServerTrusted(
                               java.security.cert.X509Certificate[] certs, String authType) {
                       }
                   }
           };
   
           try {
               final SSLContext sc = SSLContext.getInstance("SSL");
               sc.init(null, trustAllCerts, new java.security.SecureRandom());
               HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
           } catch (final GeneralSecurityException e) {
               System.out.println("ERROR!!! Should not happen: " + e.getMessage());
           }
       }
   

   And here are the imports:

   import java.security.GeneralSecurityException;
   import java.security.cert.X509Certificate;
   
   import javax.net.ssl.HttpsURLConnection;
   import javax.net.ssl.SSLContext;
   import javax.net.ssl.TrustManager;
   import javax.net.ssl.X509TrustManager;
   
   import org.junit.BeforeClass;
   

   This registers a Truststore for the running JVM which accpets every certificate.

   • 2018-07-04T18:31:38+00:00
7. 

   Moataz Nabil

   It solved the certificate issue with yaml file but I got Connection refused error from the the endpoint itself

   • 2018-07-05T14:15:11+00:00
8. 

   Sven Döring

   Is this an issue by the S-R-V?

   • 2018-07-05T19:26:30+00:00
9. 

   Moataz Nabil

   what is the S-R-V ?

   • 2018-07-06T09:39:00+00:00
10. 

    Sven Döring

    S-R-V => Swagger-Request-Validator

    • 2018-07-06T11:42:56+00:00
11. 

    Moataz Nabil

    :) ok , no it's related to this security issue

    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    • 2018-07-06T13:53:35+00:00
12. 

    Sven Döring

    So, if it's not related to the S-R-V... This issue can be closed?

    • 2018-07-06T14:42:35+00:00
13. 

    James Navin

    • changed status to resolved

    • 2018-09-04T06:13:04+00:00
14. Log in to comment