Can not deploy SOA composite with SSL External Web Service Partner Link
Last updated on JULY 13, 2017
Applies to:Oracle Fusion Application Toolkit - Version 184.108.40.206.1 and later
Information in this document applies to any platform.
***Checked for relevance on 01-03-2013***
***Checked for relevance on 11-08-2014***
Users built a composite CallGetPerson2 with a BPEL process and adjusted input and output with types from getperson.xsd. This project built and deployed successfully from JDeveloper.
The partner link to the Fusion web service PersonService was added without any invocation . The WSDL is https://<host><domain>/foundationParties/PersonService?WSDL.
The deployment of the project with the partner link errors with the message below.
Users tried to correct the error by making local copy of the target WSDL file in the BPEL project. When creating the web service partner link in the composite, using the wizard, the option "Copy WSDL and its dependent artifacts into the project" was checked.
When the project was deployed via JDeveloper the following error displayed.
[03:21:25 PM] HTTP error code returned 
[03:21:25 PM] Error message from server:
There was an error deploying the composite on soa_server1: Deployment Failed: Unable to register service..
[03:21:25 PM] Check server log for more details.
[03:21:25 PM] Error deploying archive sca_FusionGetPerson_rev1.0.jar to partition "default" on server soa_server1 [http://<host><domain>:<port>]
[03:21:25 PM] #### Deployment incomplete. ####
[03:21:25 PM] Error deploying archive file:/D:/oracle/Middleware/jdev_111150/jdeveloper/SOA_APP2/FusionGetPerson/deploy/sca_FusionGetPerson_rev1.0.jar
The SOA Server Log contained the errors below.
oracle.webservices.provider.ProviderException: oracle.webservices.mdds.MddsException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The user logged into the Web Logic Server console. Environment --> Servers--> Admin Server --> was selected. The Debug tab was chosen and "weblogic" --->"Deploy" was expanded. All debug flags under deploy were enabled. After running the deploy again from JDeveloper, the following message was observed in the SOA log.
javax.net.ssl.SSLKeyException: [Security:090542]Certificate chain received from [host] was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.; No available router to destination]
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms