Hi ,
I am using winrm tool as interface between linux server and windows server and everything is working fine.To make my application more secure i want to use winrm through https
code snippet:
WinRmTool.Builder builder = WinRmTool.Builder.builder("windows serverip", userName, password);
WinRmClientContext context = WinRmClientContext.newInstance();
builder.setAuthenticationScheme(AuthSchemes.NTLM);
builder.port(5986);
builder.useHttps(true);
builder.disableCertificateChecks(true);
builder.context(context);
WinRmTool tool = builder.build();
tool.executePs(commands);
the flow is working fine but when i change the option
builder.disableCertificateChecks(true); to false , modified it to
builder.disableCertificateChecks(false); (Changed from true to false) from there i am getting issue
it is throwing the below stack trace
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://10.1.10.5:5986/wsman: General SSLEngine problem
at sun.reflect.GeneratedConstructorAccessor136.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1402)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
NikolayKlyatishev
commented
1 year ago
Hi , I am using winrm tool as interface between linux server and windows server and everything is working fine.To make my application more secure i want to use winrm through https code snippet: WinRmTool.Builder builder = WinRmTool.Builder.builder("windows serverip", userName, password); WinRmClientContext context = WinRmClientContext.newInstance(); builder.setAuthenticationScheme(AuthSchemes.NTLM); builder.port(5986); builder.useHttps(true); builder.disableCertificateChecks(true); builder.context(context); WinRmTool tool = builder.build(); tool.executePs(commands);
Configured the winrm https on windows server by creating the self signed certificate and setting the thumbprint of certificate into winrm by following the steps from below refernce https://www.visualstudiogeeks.com/devops/how-to-configure-winrm-for-https-manually
the flow is working fine but when i change the option builder.disableCertificateChecks(true); to false , modified it to builder.disableCertificateChecks(false); (Changed from true to false) from there i am getting issue it is throwing the below stack trace Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://10.1.10.5:5986/wsman: General SSLEngine problem at sun.reflect.GeneratedConstructorAccessor136.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1402)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
can any one please help on this Thanks Teja