Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
3 replies Latest Post - ‏2013-02-12T06:29:13Z by IdanAdar
SystemAdmin
SystemAdmin
2327 Posts
ACCEPTED ANSWER

Pinned topic SSLPeerUnverifiedException: peer not authenticated

‏2013-02-10T11:00:25Z |
Hi All,

With regard to this post, I have gone through the suggestion provided by Idan at the below link and it worked for the keystore of my local WL Server.

http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14937348#14937348

But when on trying to implement the same for my remote WL Server (below are the environment details I am using), I am not able to locate for the keystore needs to be updated. I know for Liberty Profile, JRE path has to be the one that came with WebSphere. I just gave a random search with "cacerts" keyword (attached the output), but there are many instances that are appearing.

Could you please suggest as to how I could get the correct path, so that I can update the keystore for the same.

Below is my working environment:
WL Studio 5.0.5 - Enterprise Edition on Win7
WL Server 5.0.5 - Enterprise Edition on Red Hat Enterprise Linux
(Database - Apache Derby, Application server - WebSphere® Application Server Liberty Profile)

Thanks again,
Baxi

Attachments

  • IdanAdar
    IdanAdar
    741 Posts
    ACCEPTED ANSWER

    Re: SSLPeerUnverifiedException: peer not authenticated

    ‏2013-02-11T06:44:06Z  in response to SystemAdmin
    AFAIK, when installing Liberty it does not come with JRE/JDK, so you would need to install that on your own on the server machine.
    The cacerts is located at (for example): C:\JDK6\jre\lib\security

    If you say that you have multiple cacerts files, I would assume this means you have multiple installations of JDK...
    Do you have JDK6 installed? Lets try with that.

    Import your self-signed certificate using the command from the IC article and JDK6's cacert file.

    ===
    Note: IBM forums are in the process of migrating to a new format. During migration the forums will be frozen and in read-only mode. If you wish to continue this thread discussion please post it on stackoverflow, where the Worklight team and others can respond.

    See the Forum Migration announce post for more details. Thank you.
    https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14937476

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform
    • SystemAdmin
      SystemAdmin
      2327 Posts
      ACCEPTED ANSWER

      Re: SSLPeerUnverifiedException: peer not authenticated

      ‏2013-02-11T16:41:51Z  in response to IdanAdar
      Hello,

      I suppose jdk6 is already installed. If you could check the attached log.txt for reference. For eg below, one of the many instances:

      ./WLbuild/jdk1.6.0_27/jre/lib/security/cacerts

      Moreover, if jdk6 is installed again, how would the WL Server know as to which jre to point to, since the "cacerts" file needs to be updated for the one WL Server is pointing to.

      Please let us know if we are missing anything.

      Thanks again!
      Baxi
  • IdanAdar
    IdanAdar
    741 Posts
    ACCEPTED ANSWER

    Re: SSLPeerUnverifiedException: peer not authenticated

    ‏2013-02-12T06:29:13Z  in response to SystemAdmin
    Should you not have only 1 instance of it? Have you tried setting a JAVA_HOME environment variable?

    ---
    Important Note: IBM forums are in the process of migrating to a new format. During migration the forums will be frozen and in read-only mode. If you wish to continue this thread discussion please post it on stackoverflow, where the Worklight team and others can respond.

    See the Forum Migration announce post for more details. Thank you.
    https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14937476
    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform