I'm having troubles getting SSL authentication working well with WebSphere Liberty Profile. The defaultKeyStore and defaultTrustStores are created successfully (the docs at http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/topic/com.ibm.websphere.wlp.nd.doc/ae/rwlp_ssl.html are very complete), but JAXB webservice client code using SSL doesn't seem to see them...I get a "Certificate Chaining Exception" even though the certificate is in the trust store. I had to fix our development keystores to have passwords 6 characters or longer (to avoid CWPKI0808E errors) so they will load OK, and have enabled traces that show that the keystores are instantiated in WLP. The best I can figure is that the JAXB code is still somehow using basic JDK security and ignoring all the nice keystore definitions.
BTW, I'm using WLP Alpha Next (with the jaxws-2.2 feature) running under Java 6; the JAXB code is actually JAXB 2.1 so it also can run on WAS 7. I've solved the same SSL issues on WAS7...I thought we could use those same keystores with WLP, but haven't been able to get it working yet.
NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
This topic has been locked.
Pinned topic WLP defaultTrustStore not working for outbound JAXB SSL connections
Answered question This question has been answered.
Unanswered question This question has not been answered yet.