Topic
  • 15 replies
  • Latest Post - ‏2010-06-13T20:08:37Z by irriduxibili
SystemAdmin
SystemAdmin
2262 Posts

Pinned topic Problems accessing a HTTPS Webservice

‏2008-02-19T17:58:33Z |
I'm trying to invoke a webservice using a generated proxy in a java main.

System.setProperty("com.ibm.ssl.contextProvider", "IBMJSSE2");
System.setProperty("com.ibm.ssl.protocol", "SSLv3");
System.setProperty("com.ibm.ssl.trustStoreType", "JKS");
System.setProperty("com.ibm.ssl.trustStore", "C://myTrust.jks");
System.setProperty("com.ibm.ssl.trustStorePassword", "secret1");
System.setProperty("java.protocol.handler.pkgs", "com.ibm.ssl.internal.www.protocol");

System.setProperty("javax.net.debug", "ssl,handshake,data,trustmanager");

...

The error
Feb 19, 2008 11:44:28 AM com.ibm.ws.ssl.config.SSLConfigManager
INFO: ssl.disable.url.hostname.verification.CWPKI0027I
Feb 19, 2008 11:44:29 AM com.ibm.ws.webservices.engine.PivotHandlerWrapper invoke
WARNING: WSWS3734W: Warning: Exception caught from invocation to com.ibm.ws.webservices.engine.transport.http.HTTPSender:
WebServicesFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultString: WSWS3740E: Error: No SSL configuration is available for endpoint - https://psa.tz.net/qa/psaserver.asmx
faultActor: null
faultDetail:

WSWS3740E: Error: No SSL configuration is available for endpoint -

Please help.
Updated on 2010-06-13T20:08:37Z at 2010-06-13T20:08:37Z by irriduxibili
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-02-20T17:49:24Z  
    Thanks to another post.
    I got around this problem by commenting all the sets of System.setProperty and added -

    System.setProperty("com.ibm.SSL.ConfigURL", "file:C:
    Program Files\\IBM\\SDP70\\runtimes\\base_v61_stub\\properties
    ssl.client.props");

    Edited the ssl.client.props and set the following option to true

    com.ibm.ssl.enableSignerExchangePrompt=true

    It works.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-01T14:58:53Z  
    Thanks to another post.
    I got around this problem by commenting all the sets of System.setProperty and added -

    System.setProperty("com.ibm.SSL.ConfigURL", "file:C:
    Program Files\\IBM\\SDP70\\runtimes\\base_v61_stub\\properties
    ssl.client.props");

    Edited the ssl.client.props and set the following option to true

    com.ibm.ssl.enableSignerExchangePrompt=true

    It works.
    Hi,

    it is not working for me. my requirement is need to access the other web service and the client proxy for the webservice is generated by the was 6.1.
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-02T03:50:58Z  
    Hi,

    it is not working for me. my requirement is need to access the other web service and the client proxy for the webservice is generated by the was 6.1.
    I would suggest posting in the websphere security forum. They should be able to help you with the Websphere setup.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-02T09:40:58Z  
    I would suggest posting in the websphere security forum. They should be able to help you with the Websphere setup.
    Hi,

    I need to access a web service from my application. my application is deployed in was 6.1. i got the certificate from the provider. i added the below snippet code before calling the web service.

    System.setProperty("javax.net.ssl.trustStore","c:\\Bank_Test_Merchant
    dexitrust");
    System.setProperty("javax.net.ssl.trustStorePassword", "xxx");
    System.setProperty("javax.net.ssl.keyStore","c:\\Bank_Test_Merchant
    Bank_Test_Merchant.pfx");
    System.setProperty("javax.net.ssl.keyStorePassword", "xxxx");
    //System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");

    i am getting the following error. when i am trying to run this.,

    Connection to the remote host xxx.xxx.xxx.xxx failed.Received the following error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

    the same application i am able to access using AXIS and tomcat. but the same is not working for me in WAS.

    this is difference i found for the two things. for Tomcat i included the certificate in cacerts by using keytool. the same i havent done for was. is it causing the problem. please help me i trying to solve this issue since 15 days.
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-02T16:36:52Z  
    Hi,

    I need to access a web service from my application. my application is deployed in was 6.1. i got the certificate from the provider. i added the below snippet code before calling the web service.

    System.setProperty("javax.net.ssl.trustStore","c:\\Bank_Test_Merchant
    dexitrust");
    System.setProperty("javax.net.ssl.trustStorePassword", "xxx");
    System.setProperty("javax.net.ssl.keyStore","c:\\Bank_Test_Merchant
    Bank_Test_Merchant.pfx");
    System.setProperty("javax.net.ssl.keyStorePassword", "xxxx");
    //System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");

    i am getting the following error. when i am trying to run this.,

    Connection to the remote host xxx.xxx.xxx.xxx failed.Received the following error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.

    the same application i am able to access using AXIS and tomcat. but the same is not working for me in WAS.

    this is difference i found for the two things. for Tomcat i included the certificate in cacerts by using keytool. the same i havent done for was. is it causing the problem. please help me i trying to solve this issue since 15 days.
    It appears that the signer of the cerificate is not in your trust file.
    Use the setting
    com.ibm.ssl.enableSignerExchangePrompt=true
    which will automatically add the signer to your cacerts file.
    I'm not sure how you'd set it if you are not using the ssl.client.props file.

    Use ikeyman to view your signer certificates.
    Another option is to use ikeyman and import your downloaded certificate, maybe the signer will be place automatically.

    Good luck. I know it is frustrating.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-04T07:29:20Z  
    It appears that the signer of the cerificate is not in your trust file.
    Use the setting
    com.ibm.ssl.enableSignerExchangePrompt=true
    which will automatically add the signer to your cacerts file.
    I'm not sure how you'd set it if you are not using the ssl.client.props file.

    Use ikeyman to view your signer certificates.
    Another option is to use ikeyman and import your downloaded certificate, maybe the signer will be place automatically.

    Good luck. I know it is frustrating.
    I imported the signer certificate using retrieve from port. and i saw that the trust.p12was modified after that change. i am not getting new error.
    WSWS3713E: Connection to the remote host XXX.XXX.XXX.XXX failed.Received the following error: java.io.IOException: Unable to verify MAC.
    at com.ibm.ws.webservices.engine.transport.http.HttpOutboundChannelConnection.connect(HttpOutboundChannelConnection.java:752)
    at com.ibm.ws.webservices.engine.transport.http.HttpsOutboundChannelConnection.connect(HttpsOutboundChannelConnection.java:210)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionGroup.createConnection(OutboundConnectionGroup.java:133)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionCache.findGroupAndGetConnection(OutboundConnectionCache.java:331)
    at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSender.java:510)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:332)
    at com.ibm.ws.webservices.engine.client.Connection.invokeEngine(Connection.java:738)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:659)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:617)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:452)
    at com.ibm.ws.webservices.engine.client.Stub$Invoke.invoke(Stub.java:908)
    at ae.comtrust.sdes.DateExchangeServiceIFBindingStub.exchangeMessage(DateExchangeServiceIFBindingStub.java:87)
    at ae.comtrust.sdes.DateExchangeServiceIFProxy.exchangeMessage(DateExchangeServiceIFProxy.java:64)
    at com.servion.nib.host.etisalat.ConnectEtisalatCheck.proccessEtisalatReq(ConnectEtisalatCheck.java:112)
    at com.servion.nib.host.etisalat.TestEtisalat.main(TestEtisalat.java:25)

    and these are the below properties are available in ther log before secure call..

    com.ibm.ssl.keyStorePassword = ******
    com.ibm.ssl.keyStoreScope = client
    com.ibm.ssl.daysBeforeExpireWarning = 60
    com.ibm.ssl.trustStoreFileBased = true
    com.ibm.ssl.keyStoreName = DefaultSystemProperties_key
    com.ibm.ssl.keyStoreUseForAcceleration = false
    com.ibm.ssl.trustStoreReadOnly = false
    com.ibm.ssl.contextProvider = IBMJSSE2
    com.ibm.ssl.keyStoreFileBased = true
    com.ibm.ssl.alias = DefaultSystemProperties
    com.ibm.ssl.keyManager = IbmX509
    com.ibm.ssl.keyStore = C:/Program Files/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/UAEDXBPDCEPAY01Node01Cell/nodes/UAEDXBPDCEPAY01Node01/key.p12
    com.ibm.ssl.trustStoreInitializeAtStartup = false
    com.ibm.ssl.keyStoreType = PKCS12
    com.ibm.ssl.clientAuthentication = false
    com.ibm.ssl.trustStoreProvider = IBMJCE
    com.ibm.ssl.keyStoreInitializeAtStartup = false
    com.ibm.ssl.trustStore = C:/Program Files/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/UAEDXBPDCEPAY01Node01Cell/nodes/UAEDXBPDCEPAY01Node01/trust.p12
    com.ibm.ssl.trustStorePassword = ******
    com.ibm.ssl.protocol = SSL_TLS
    com.ibm.ssl.trustManager = IbmX509
    com.ibm.ssl.tokenEnabled = false
    com.ibm.ssl.trustStoreName = DefaultSystemProperties_trust
    com.ibm.ssl.keyStoreCreateCMSStash = true
    com.ibm.ssl.trustStoreCreateCMSStash = true
    com.ibm.ssl.trustStoreUseForAcceleration = false
    com.ibm.ssl.keyStoreReadOnly = false
    com.ibm.ssl.securityLevel = HIGH
    com.ibm.ssl.trustStoreScope = client
    com.ibm.ssl.trustStoreType = PKCS12
    com.ibm.ssl.validationEnabled = false
    com.ibm.ssl.keyStoreProvider = IBMJCE
    com.ibm.ssl.configURLLoadedFrom = System Properties

    let me know any of the properties needs to be change.

    This is the code snippet what i am using to connect secure web service.

    System.setProperty("javax.net.ssl.trustStore","C:
    Program Files\\IBM\\WebSphere\\AppServer\\profiles\\AppSrv01\\config\\cells\\UAEDXBPDCEPAY01Node01Cell\\nodes\\UAEDXBPDCEPAY01Node01
    trust.p12");
    System.setProperty("javax.net.ssl.trustStorePassword", "123456");
    System.setProperty("javax.net.ssl.keyStore","C:
    Program Files\\IBM\\WebSphere\\AppServer\\profiles\\AppSrv01\\config\\cells\\UAEDXBPDCEPAY01Node01Cell\\nodes\\UAEDXBPDCEPAY01Node01
    key.p12");
    System.setProperty("javax.net.ssl.keyStorePassword", "123456");
    //System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
    System.setProperty("com.ibm.ssl.enableSignerExchangePrompt", "true");
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-23T15:01:29Z  
    I imported the signer certificate using retrieve from port. and i saw that the trust.p12was modified after that change. i am not getting new error.
    WSWS3713E: Connection to the remote host XXX.XXX.XXX.XXX failed.Received the following error: java.io.IOException: Unable to verify MAC.
    at com.ibm.ws.webservices.engine.transport.http.HttpOutboundChannelConnection.connect(HttpOutboundChannelConnection.java:752)
    at com.ibm.ws.webservices.engine.transport.http.HttpsOutboundChannelConnection.connect(HttpsOutboundChannelConnection.java:210)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionGroup.createConnection(OutboundConnectionGroup.java:133)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionCache.findGroupAndGetConnection(OutboundConnectionCache.java:331)
    at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSender.java:510)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:332)
    at com.ibm.ws.webservices.engine.client.Connection.invokeEngine(Connection.java:738)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:659)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:617)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:452)
    at com.ibm.ws.webservices.engine.client.Stub$Invoke.invoke(Stub.java:908)
    at ae.comtrust.sdes.DateExchangeServiceIFBindingStub.exchangeMessage(DateExchangeServiceIFBindingStub.java:87)
    at ae.comtrust.sdes.DateExchangeServiceIFProxy.exchangeMessage(DateExchangeServiceIFProxy.java:64)
    at com.servion.nib.host.etisalat.ConnectEtisalatCheck.proccessEtisalatReq(ConnectEtisalatCheck.java:112)
    at com.servion.nib.host.etisalat.TestEtisalat.main(TestEtisalat.java:25)

    and these are the below properties are available in ther log before secure call..

    com.ibm.ssl.keyStorePassword = ******
    com.ibm.ssl.keyStoreScope = client
    com.ibm.ssl.daysBeforeExpireWarning = 60
    com.ibm.ssl.trustStoreFileBased = true
    com.ibm.ssl.keyStoreName = DefaultSystemProperties_key
    com.ibm.ssl.keyStoreUseForAcceleration = false
    com.ibm.ssl.trustStoreReadOnly = false
    com.ibm.ssl.contextProvider = IBMJSSE2
    com.ibm.ssl.keyStoreFileBased = true
    com.ibm.ssl.alias = DefaultSystemProperties
    com.ibm.ssl.keyManager = IbmX509
    com.ibm.ssl.keyStore = C:/Program Files/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/UAEDXBPDCEPAY01Node01Cell/nodes/UAEDXBPDCEPAY01Node01/key.p12
    com.ibm.ssl.trustStoreInitializeAtStartup = false
    com.ibm.ssl.keyStoreType = PKCS12
    com.ibm.ssl.clientAuthentication = false
    com.ibm.ssl.trustStoreProvider = IBMJCE
    com.ibm.ssl.keyStoreInitializeAtStartup = false
    com.ibm.ssl.trustStore = C:/Program Files/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/UAEDXBPDCEPAY01Node01Cell/nodes/UAEDXBPDCEPAY01Node01/trust.p12
    com.ibm.ssl.trustStorePassword = ******
    com.ibm.ssl.protocol = SSL_TLS
    com.ibm.ssl.trustManager = IbmX509
    com.ibm.ssl.tokenEnabled = false
    com.ibm.ssl.trustStoreName = DefaultSystemProperties_trust
    com.ibm.ssl.keyStoreCreateCMSStash = true
    com.ibm.ssl.trustStoreCreateCMSStash = true
    com.ibm.ssl.trustStoreUseForAcceleration = false
    com.ibm.ssl.keyStoreReadOnly = false
    com.ibm.ssl.securityLevel = HIGH
    com.ibm.ssl.trustStoreScope = client
    com.ibm.ssl.trustStoreType = PKCS12
    com.ibm.ssl.validationEnabled = false
    com.ibm.ssl.keyStoreProvider = IBMJCE
    com.ibm.ssl.configURLLoadedFrom = System Properties

    let me know any of the properties needs to be change.

    This is the code snippet what i am using to connect secure web service.

    System.setProperty("javax.net.ssl.trustStore","C:
    Program Files\\IBM\\WebSphere\\AppServer\\profiles\\AppSrv01\\config\\cells\\UAEDXBPDCEPAY01Node01Cell\\nodes\\UAEDXBPDCEPAY01Node01
    trust.p12");
    System.setProperty("javax.net.ssl.trustStorePassword", "123456");
    System.setProperty("javax.net.ssl.keyStore","C:
    Program Files\\IBM\\WebSphere\\AppServer\\profiles\\AppSrv01\\config\\cells\\UAEDXBPDCEPAY01Node01Cell\\nodes\\UAEDXBPDCEPAY01Node01
    key.p12");
    System.setProperty("javax.net.ssl.keyStorePassword", "123456");
    //System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
    System.setProperty("com.ibm.ssl.enableSignerExchangePrompt", "true");
    hi,

    i have imported the certificate into trust.p12. after that i am trying to access the service. i am getting the below error. it seems that the certificate is not installed or properly or any thing else. please help me to solve this issue.

    .Received the following error: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
    at com.ibm.ws.webservices.engine.transport.http.HttpOutboundChannelConnection.connect(HttpOutboundChannelConnection.java:752)
    at com.ibm.ws.webservices.engine.transport.http.HttpsOutboundChannelConnection.connect(HttpsOutboundChannelConnection.java:210)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionGroup.createConnection(OutboundConnectionGroup.java:133)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionCache.findGroupAndGetConnection(OutboundConnectionCache.java:331)
    at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSender.java:510)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:332)
    at com.ibm.ws.webservices.engine.client.Connection.invokeEngine(Connection.java:738)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:659)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:617)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:452)
    at com.ibm.ws.webservices.engine.client.Stub$Invoke.invoke(Stub.java:908)
    at ae.comtrust.sdes.DateExchangeServiceIFBindingStub.exchangeMessage(DateExchangeServiceIFBindingStub.java:87)
    at ae.comtrust.sdes.DateExchangeServiceIFProxy.exchangeMessage(DateExchangeServiceIFProxy.java:64)
    at com.servion.nib.host.etisalat.ConnectEtisalatCheck.proccessEtisalatReq(ConnectEtisalatCheck.java:111)
    at com.servion.nib.host.etisalat.TestEtisalat.main(TestEtisalat.java:25)
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-24T19:57:27Z  
    hi,

    i have imported the certificate into trust.p12. after that i am trying to access the service. i am getting the below error. it seems that the certificate is not installed or properly or any thing else. please help me to solve this issue.

    .Received the following error: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
    at com.ibm.ws.webservices.engine.transport.http.HttpOutboundChannelConnection.connect(HttpOutboundChannelConnection.java:752)
    at com.ibm.ws.webservices.engine.transport.http.HttpsOutboundChannelConnection.connect(HttpsOutboundChannelConnection.java:210)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionGroup.createConnection(OutboundConnectionGroup.java:133)
    at com.ibm.ws.webservices.engine.transport.channel.OutboundConnectionCache.findGroupAndGetConnection(OutboundConnectionCache.java:331)
    at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSender.java:510)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:227)
    at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:332)
    at com.ibm.ws.webservices.engine.client.Connection.invokeEngine(Connection.java:738)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:659)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:617)
    at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.java:452)
    at com.ibm.ws.webservices.engine.client.Stub$Invoke.invoke(Stub.java:908)
    at ae.comtrust.sdes.DateExchangeServiceIFBindingStub.exchangeMessage(DateExchangeServiceIFBindingStub.java:87)
    at ae.comtrust.sdes.DateExchangeServiceIFProxy.exchangeMessage(DateExchangeServiceIFProxy.java:64)
    at com.servion.nib.host.etisalat.ConnectEtisalatCheck.proccessEtisalatReq(ConnectEtisalatCheck.java:111)
    at com.servion.nib.host.etisalat.TestEtisalat.main(TestEtisalat.java:25)
    Turn on JSSE tracing via Websphere, so that we can see the certificate(s) involved.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-25T08:14:58Z  
    Turn on JSSE tracing via Websphere, so that we can see the certificate(s) involved.
    hi,

    i have enabled the JSSE trace. i am able to see the certificate detials in the trace. i am atatching the trace here. this is the certificate i installed using retreive port option in web admin.

    4/25/08 12:08:14:687 GST 0000000a SystemOut O adding as trusted cert:
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Subject: CN=sdes.comtrust.ae, OU=eCompany, O=Etisalat, ST=AUH, L=AUH, C=AE
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Issuer: CN=Comtrust Server Certification Authority, OU=Etisalat eBusiness Services, O=Etisalat, C=AE
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Algorithm: RSA; Serial number: 0x93c
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Valid from Sun Jan 13 12:55:56 GST 2008 until Wed Jan 13 12:55:56 GST 2010

    Attachments

  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-25T20:25:53Z  
    hi,

    i have enabled the JSSE trace. i am able to see the certificate detials in the trace. i am atatching the trace here. this is the certificate i installed using retreive port option in web admin.

    4/25/08 12:08:14:687 GST 0000000a SystemOut O adding as trusted cert:
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Subject: CN=sdes.comtrust.ae, OU=eCompany, O=Etisalat, ST=AUH, L=AUH, C=AE
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Issuer: CN=Comtrust Server Certification Authority, OU=Etisalat eBusiness Services, O=Etisalat, C=AE
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Algorithm: RSA; Serial number: 0x93c
    4/25/08 12:08:14:687 GST 0000000a SystemOut O Valid from Sun Jan 13 12:55:56 GST 2008 until Wed Jan 13 12:55:56 GST 2010
    Hi!

    The JSSE trace is not complete. The failure is not shown in the trace provided. Also, please make sure the beginning of the trace is provided, which shows the JSSE build information.

    Thanks.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-28T05:34:50Z  
    Hi!

    The JSSE trace is not complete. The failure is not shown in the trace provided. Also, please make sure the beginning of the trace is provided, which shows the JSSE build information.

    Thanks.
    hi,

    i have attached the full systemout.log for u reference

    Attachments

  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-28T19:59:21Z  
    hi,

    i have attached the full systemout.log for u reference
    I am sorry. The trace is not in the log. Did the trace wrap?
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-28T19:59:56Z  
    I am sorry. The trace is not in the log. Did the trace wrap?
    Actually, I meant to say that the exception is not in the log. Everything looks fine in the trace provided.
  • websphere6.1user
    websphere6.1user
    16 Posts

    Re: Problems accessing a HTTPS Webservice

    ‏2008-04-30T16:46:20Z  
    Actually, I meant to say that the exception is not in the log. Everything looks fine in the trace provided.
    hi,

    i am able to communicate the same service form SUN JDK and tomcat and i am facing the problem in IBM WAS 6.1. i am using the below code snippet for ssl in my code

    System.setProperty("javax.net.ssl.trustStore","c:
    Bank_Test_Merchant
    dexitrust");

    System.setProperty("javax.net.ssl.trustStorePassword", "123456");

    System.setProperty("javax.net.ssl.keyStore","c:
    Bank_Test_Merchant
    Bank_Test_Merchant.pfx");

    System.setProperty("javax.net.ssl.keyStorePassword", "123456");

    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
    but when i am using these certificates IBM WAS is throwing certificate length is too big. Later i came to know that IBM WAS is allows only .p12 format. can u let me know how to solve this issue.
  • irriduxibili
    irriduxibili
    1 Post

    Re: Problems accessing a HTTPS Webservice

    ‏2010-06-13T20:08:37Z  
    hi,

    i am able to communicate the same service form SUN JDK and tomcat and i am facing the problem in IBM WAS 6.1. i am using the below code snippet for ssl in my code

    System.setProperty("javax.net.ssl.trustStore","c:
    Bank_Test_Merchant
    dexitrust");

    System.setProperty("javax.net.ssl.trustStorePassword", "123456");

    System.setProperty("javax.net.ssl.keyStore","c:
    Bank_Test_Merchant
    Bank_Test_Merchant.pfx");

    System.setProperty("javax.net.ssl.keyStorePassword", "123456");

    System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
    but when i am using these certificates IBM WAS is throwing certificate length is too big. Later i came to know that IBM WAS is allows only .p12 format. can u let me know how to solve this issue.
    great! your solution give my problem solved! keep up good post....


    SOA Tutorial