Topic
1 reply Latest Post - ‏2012-06-24T11:13:29Z by AntonAleksandrov
JamieWitt
JamieWitt
1 Post
ACCEPTED ANSWER

Pinned topic [Answered[ Setup issue with SSL

‏2012-06-22T22:27:15Z |
I have a few questions/issues I've ran into setting up a worklight server on WebSphere V8.
1) I have the server up and running and I'm trying to use SSL to connect to the application center, but if I have SSL enabled I can not make a connection. The server is using the WebSphere generated self signed certificate. In both scenarios below if I use the non-SSL port on the server everything seems to work correctly.

I have two iOS devices, the first I installed the IBM App Center application through iTunes, the second does not have the app installed.
On the first device when I enter the URL and login info in the settings section and turn on SSL I get an error saying it cannot connect to the server. If I do nothing but turn SSL off I get an SSL error on the server so it can get to it but with SSL on it doesn't seem to try. Here is the server error I see:
SSLHandshakeE E SSLC0008E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.ibm.jsse2.b.a(b.java:21)
at com.ibm.jsse2.qc.a(qc.java:504)
at com.ibm.jsse2.qc.unwrap(qc.java:481)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:17)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.readyInbound(SSLConnectionLink.java:534)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.ready(SSLConnectionLink.java:294)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1650)

On the second device I can point the browser to https://<ip address>:<port>/applicationcenter/installers.html and connect to that page and even see the IBM App Center app listed. When I click the Install Now button I get an error saying it can not connect to the server.

2) I can not update a device name in the application center, I get the following error when I try.
An error occurred during update of iPhone (MOBILEMGMT0200W: A device with ID "null" does not exist.)

3) Is there a way to secure the Worklight Console? I have application security turned on in WebSphere but I see no way to secure this app with a login screen as there was in Worklight 4.2.
  • AntonAleksandrov
    AntonAleksandrov
    2 Posts
    ACCEPTED ANSWER

    Re: Setup issue with SSL

    ‏2012-06-24T11:13:29Z  in response to JamieWitt
    Worklight server uses JRE's keystore, so in case your back end is protected by a self-signed certificate you need to import it to your WebSphere's JRE keystore.
    You can refer to belo link to see how to import an SSL certificate. Make sure you're importing it to WebSphere's JRE.
    http://www.chrissearle.org/node/260

    In order to protect Worklight console you need to modify AuthenticationConfig.xml file in your project, it contains a commented section for securing the console.