IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Bad certificate SSL Connection tracking client certificate

    Posted Wed March 03, 2004 06:25 AM

    Hi All

    Is there a way to save and log the certificate received by the HTTPS port during an SSL hand shake ?

    We are facing a problem with one of our partners where once we restart the WM server , the partner keeps getting a “Bad Certificate” error while trying to connect through SSL (AS2 to be specific ) . The error auto-corrects itself after 4 to 5 hours . The problem is specific to one particular TN partner . Other TN parners are okay .

    We suspect that this is a problem because of partner s/w caching or their settings goes hayward when a connection fails etc . So we need to track exactly which certificates are submitted by partner while trying the SSL connection .

    There is no server log existing for these failed connections. … very weird probelm .
    appreciating any help towards a solution
    Thanks in advance


    #webMethods
    #Integration-Server-and-ESB
    #webmethods-Protocol-and-Transport


  • 2.  RE: Bad certificate SSL Connection tracking client certificate

    Posted Wed March 03, 2004 08:20 AM

    Jose

    Thumb rule

    “always restart your server and the partners server when you have certificate conflicts.”

    Certificates are cached for hours

    Thahir


    #webMethods
    #webmethods-Protocol-and-Transport
    #Integration-Server-and-ESB


  • 3.  RE: Bad certificate SSL Connection tracking client certificate

    Posted Wed March 03, 2004 08:26 AM

    Jose

    Sorry I missed to mention that when we had certificate problem like this before we used ssl tap from netscape

    [url=“http://enterprise.netscape.com/docs/cms/60/cert/tools_guide/ssltap.htm”]http://enterprise.netscape.com/docs/cms/60/cert/tools_guide/ssltap.htm[/url]

    This tool could give you a complete log of what certificates are passed during the handshake

    HTH

    Thahir


    #Integration-Server-and-ESB
    #webmethods-Protocol-and-Transport
    #webMethods


  • 4.  RE: Bad certificate SSL Connection tracking client certificate

    Posted Thu March 04, 2004 01:14 AM

    Hi Thahir
    Thank you very much for the information . Expacially the tool looks extremly help ful .

    Infact our probelm is not exactly a certificate conflict out of the blue . It is specific to this particualr partner , only after our server is restarted for some other reason . More over partner does not use WM , they use a IIS based B2B server . I feel that rather than the certificate being cached, it is the errored connection that is being cached some where . Because even if the certificates are cached , they are correct certs , so the error shudn’t happen .

    Anyway thanks a lot and let me now if you have any ideas …
    Thanks and regards


    #webmethods-Protocol-and-Transport
    #webMethods
    #Integration-Server-and-ESB


  • 5.  RE: Bad certificate SSL Connection tracking client certificate

    Posted Mon November 08, 2004 07:30 AM

    Matthew

    This might help

    [url=“wmusers.com”]wmusers.com

    to find the complete list of certificates passed

    Thahir


    #Integration-Server-and-ESB
    #webMethods
    #webmethods-Protocol-and-Transport


Related Content