Topic
2 replies Latest Post - ‏2012-05-31T13:06:23Z by udaitheruler
JasonJava
JasonJava
16 Posts
ACCEPTED ANSWER

Pinned topic WPS 7.0 on UNIX - SSL HANDSHAKE FAILURE

‏2012-01-18T00:04:57Z |
Appreciate any help in advance !

Env: UNIX box with WebSphere Application Server 7.0.0.11 and WebSphere Process Server 7.0.0.3

We just developed an application in WPS 7.0, it needs to make an outbound HTTPs web service call to another host. In my local test environment (WID 7), it works perfectly, after I added the signer certificate to "SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates" using "Retrieve from Port" option to get the certificate from the web service host.

However, the same trick does not seem to work on the Unix box with the same version. It is giving the following SSL handshake message even though I can see the same signer certificate added under "SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates"

1/17/12 16:11:05:662 CST 00000bf7 WSX509TrustMa E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=DPCLSTPWS, O=your company, ST=CA , C=US" was sent from target host:port "121.101.21.89:3818". The signer may need to be added to local trust store "/opt/IBM2/wpspf/v70/WPSNode01/config/cells/WPSCell/trust.p12" located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "PKIX path building failed: java.security.cert.CertPathBuilderException: unable to find valid certification path to requested target".

Do we have to add to the NodeDefaultKeystore too on UNIX box ?
Updated on 2012-05-31T13:06:23Z at 2012-05-31T13:06:23Z by udaitheruler
  • JasonJava
    JasonJava
    16 Posts
    ACCEPTED ANSWER

    Re: WPS 7.0 on UNIX - SSL HANDSHAKE FAILURE

    ‏2012-01-30T06:17:54Z  in response to JasonJava
    I found out that the signer certificate needs to be imported in both CellDefaultTrustStore and NodeDefaultTrustStore.
    • udaitheruler
      udaitheruler
      1 Post
      ACCEPTED ANSWER

      Re: WPS 7.0 on UNIX - SSL HANDSHAKE FAILURE

      ‏2012-05-31T13:06:23Z  in response to JasonJava
      hi can you please tell how u solved this issue. thanks in advance.