Pinned topicWPS 7.0 on UNIX - SSL HANDSHAKE FAILURE
This question has been answered.
This question has not been answered yet.
Appreciate any help in advance !
Env: UNIX box with WebSphere Application Server 220.127.116.11 and WebSphere Process Server 18.104.22.168
We just developed an application in WPS 7.0, it needs to make an outbound HTTPs web service call to another host. In my local test environment (WID 7), it works perfectly, after I added the signer certificate to "SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates" using "Retrieve from Port" option to get the certificate from the web service host.
However, the same trick does not seem to work on the Unix box with the same version. It is giving the following SSL handshake message even though I can see the same signer certificate added under "SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates"
1/17/12 16:11:05:662 CST 00000bf7 WSX509TrustMa E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=DPCLSTPWS, O=your company, ST=CA , C=US" was sent from target host:port "22.214.171.124:3818". The signer may need to be added to local trust store "/opt/IBM2/wpspf/v70/WPSNode01/config/cells/WPSCell/trust.p12" located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "PKIX path building failed: java.security.cert.CertPathBuilderException: unable to find valid certification path to requested target".
Do we have to add to the NodeDefaultKeystore too on UNIX box ?