Pinned topic Failed to Establish a BackSide Connection in Webserviceproxy
I Created Webservice Proxy.
In That Proxy i configured
1)front side HTTP Handler eg: http://10.222.10.205:sample
2)Back End URI
Eg: https://service.external.com/sample using port 80
Here i received Soap Request from client to Datapower.But i am not getting any response from BackEnd server.
In Troubleshooting also i tested TCP/IP connection Successfully.
5:36:02 ws-proxy error 640868 e 0x01130006 wsgw (Project1): Failed to establish a backside connection
05:36:02 ws-proxy error 640868 0x80e00126 wsgw (Project1): Valid backside connection could not be established: Failed to establish a backside connection
05:36:02 ws-proxy error 640868 0x80e0005a wsgw (Project1): Cannot establish SSL credentials
Note: In that error Desription showing like SSL credentials not esatblished.But Same request sent through SOAPUI tool we are getting response from server without any SSL credentials.
Pls suggest me any configuration settings needs in webservice proxy for getting responce from backend server.
SystemAdmin 110000D4XK6772 PostsACCEPTED ANSWER
Re: Failed to Establish a BackSide Connection in Webserviceproxy2009-08-17T13:18:31Z in response to gloarsHi Mahe,
According to the MessageReference guide, the error 0x80e0005a - "Cannot establish SSL credentials" indicates that DataPower cannot find a SSL proxy profile to use for your backend connection. Try setting one up in your user-agent. If you are currently using the default ua, create a new one for this service.
DP-admin 270004YU4C3 PostsACCEPTED ANSWER
Re: Failed to Establish a BackSide Connection in Webserviceproxy2012-02-03T17:21:01Z in response to SystemAdminHi Peter,
Hi i'm facing the same issue, i tried the above solution but i'm still facing the same issue. Is there any other solution for "Cannot establish SSL credentials"
Please let me know if any one have a similar problem and found the solution.
SystemAdmin 110000D4XK6772 PostsACCEPTED ANSWER
Re: Failed to Establish a BackSide Connection in Webserviceproxy2012-02-06T21:47:01Z in response to DP-adminI believe SSL enforcement with DataPower is bit more explicit than SOAPUI, I suspect you might have gone wrong with the SSL proxy profile, if you could provide more details on how you created the SSL Proxy Profile then may be I would be able to help like the direction, key and cert objects in the Crypto Profile etc.., Can you please give a try specifying the SSL Proxy Profile in the Proxy Settings tab of you WSP.
Re: Failed to Establish a BackSide Connection in Webserviceproxy2013-06-15T01:19:35Z in response to gloars
I have a similar problem, where the service works fine when it is invoked through the soap ui, but gives the below mentioned error when invoked through the client application (Firefox Rest Client).
Re: Failed to Establish a BackSide Connection in Webserviceproxy2013-06-15T03:02:07Z in response to gloars
Here the configuration flow.
The MPG is configured with a HTTPS front side handler listening at 443. The FSH is configured with a reverse ssl proxy profile. The SSL proxy image has been attached as SSLProxy.png. The Crypto profile config has been attached as CryptoProfile.png.
Also would like to mention that I have a different service which is working(from browser as well) with same configuration on the same box but different domain.
Kindly provide your inputs.
kenhygh 120000PD1B1475 PostsACCEPTED ANSWER
Re: Failed to Establish a BackSide Connection in Webserviceproxy2013-06-15T11:47:28Z in response to Nitin_Jha
A FSH is for front-side connections, not backside. You will need to add an SSL proxy profile, in forward mode, for connecting to your backend.
You will need to put the public cert of the backend server into the SSL proxy profile's valcred. If you need to do mutual-auth SSL, you will also need to add your private key and cert to the SSL proxy profile's idcred.
You can specify the SSL proxy profile either by setting it in code - there's a service variable for it - or by attachiing it to your User Agent (MPGW -> XML Manager -> User Agent). You probably will not want to configure this on the default XML Manager/User Agent.
Re: Failed to Establish a BackSide Connection in Webserviceproxy2013-06-17T22:13:06Z in response to kenhygh
The MPG works as a SSL server and hence a reverse SSL Proxy profile has been created in the HTTPS front side handler. (To secure communication with requesting clients) Hope this clarifies.
Re: Failed to Establish a BackSide Connection in Webserviceproxy2013-06-18T17:39:50Z in response to gloars
Thanks Ken, The issue has now been resolved.
The errors shows by DP were misleading, the actual error was in the match rule in the MPG. The header being sent by the soap ui and the browser client were different and hence the the match action was not processing the request from the browser client whereas it was working with soap ui.
The soap ui sends content type as "application/xml" and the browser client send it as "application/xml; charset=UTF-8". So now I tweaked the match exp to "application/xml*" and now it works fine.
Thanks again for guidance.