I wrote a webservice client and now I can not get it to work through https. Although I imported cert.pfx (alias = cert) into javas cacerts and successfully added an entry with the alias certs.
However, I cannot use the wsimport invitation to the wsdl url. It says: "The PKIX path could not find the correct certification path for the requested target. Okay. So I did a little research and tried to install it using
setlocal set _JAVA_OPTIONS =% _ JAVA_OPTIONS% -Djavax.net.ssl.trustStore = "C: \ Program Files \ Java \ jdk1.7.0_79 \ jre \ lib \ security \ cacerts" -Djavax.net.ssl.trustStorePassword = changeit - Djavax.net.ssl.keyStoreType = PKCS12 -Djavax.net.ssl.keyStorePassword = xxxxxxxxx -Djavax.net.ssl.keyStore = "d: \ cert.pfx" "C: \ Program Files \ Java \ jdk1.7.0_79 \ bin \ wsimport "-s C: \ Users \ me \ keystore \ bin \ s -keep https://service.xxxxxxxxxxx.de/xxxxxxxxxxxxTest?wsdl endlocal
without success.
I also tried to export the certificate from cert.pfx file and then imported the certificate into cacerts via keytool -exportcert and keytool -importcert. Later I tried to export certificates from my browser (because my browser does a great job with certificates and can access the https URL). I exported the root certificate to the root.cer file and imported this .cer into my cacerts (I had to use a different alias than the certificate. With the as alias certificate, I got the message "Keys not matching" in the console when using the keytool line).
A dump on cacerts shows that there really is a record in cacerts. I do not understand why java refuses to do wsimport on the URL.
url wsimport .xml , url . , im, "PKIX... ".