Hello Experts,

I am trying to do an HTTPS call to a client using a pfx Certificate.
I am able to connect to their system but am don’t see a valid response. Instead, the response says “Neither certificate nor password was provided”.

I have clients PKCS 12 certificate imported to the DEFAULT_IS_KEYSTORE and *.der certificates in truststore.

In My floew service i have

pub.security.keystore:getKeyAndChain
pub.client:http

Could anyone help me with the issue??

Any one who can help me resolve this issue

Hello,

The following setup worked for me:

• adding a new keystore alias in the IS keystore
• In the IS service I have the following calls:

pub.security.keystore:setKeyAndChain (keystoreAlias and the keyAlias are the previously configured ones)
pub.client:http
pub.security:clearKeyAndChain

Maybe it will help you.

Hi Vlad,

The use case is as below:

• We have been doing the HTTPS call to a Microsoft API even before but they never asked for the certificate till now.

• Now we have to call them to a new URL and pass our certificate, they have configured the thumbprint of same certificate at their end.

• We were doing a custom http call before, but now we are doing the http call as below

  1. pub.security.keystore:setKeyAndChain
  2. pub.client:http
  3. pub.security:clearKeyAndChain
     But still getting the error as : com.wm.net.NetException: [ISC.0064.9314] Authorization Required: Client certificate or AAD Bearer token not found in request.

• We have our certificate configured and mapped with our HTTPS port in Security > Keystore and we have CA Cert in truststore.

• Even we have configured the certificate of the API which we are making HTTPS call to in Security > Certificates > Configure Client Certificates and mapped to a user which is part of group Administrator .

• In Security > Certificates, I have the same Keystore and TrustStore as we have in Security > Keystore.

Still not sure what else required to send them the certificate so that they can verify the HTTPS call with certificate against the thumbprint of same certificate.

Though here from pub.security.keystore:setKeyAndChain no certificate is produced and not sure if it is produced from services like pub.security.keystore:getKeyAndChain or pub.security.keystore:getTrustedCertificates, where to pass it in pub.client:http

So when you say, adding new keystore alias in IS keystore worked for me, which one did you add? Because for us the keystore is already configured having our organization certificate in PKCS12 format.

Regards,

Sanket

Hi,

Import the trust certificate from IS → Security → Certificates → Configure Client Certificates. You can set the usage as per your need. SSL Auth if thats what you are looking for.

HTH

Regards,
Ashish Bania

Hi ,

Could any please share the steps of instaling a pfx certificate in webMethods.

the steps i am folowing are:

1. installing the pfx certificate
2. extracting the certificate in DER format from the pfx file
3. creating a truststore
4. impoting the DER certificates into trustsore using keytool
5. create keysore
6. extract prvate key from PFX in .p12 format.
7. install the p12 to keystore using keytool
8. configure the keystore and truststore under Securrity----> keystore
9. i my flow service invoke below

pub.security.keystore:setKeyAndChain (keystoreAlias and the keyAlias are the previously configured ones)
pub.client:http
pub.security:clearKeyAndChain

Regards