IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only

  • 1.  Https handshake for weservice consumer

    Posted Tue December 23, 2008 11:01 PM

    Hi,
    I am invoking a webservice consumer to call my partner webservice. Also I am provided with the partner certificate. I am using 7.1.1 webserivce consumer whihc had pub.client.soapclient.My WSDL carried the ‘Https’ url. I placed the partner certificate in the intergration server config/cert/ca path. when i run the connector to test the webservice I am getting
    “com.wm.app.b2b.server.ServiceException: iaik.security.ssl.SSLException: Invalid SSL message, peer seems to be talking plain!”

    Please let me know how do I configure my IS 7.1.1 to have the partner certificate when it does a https handshake thro webservice consumer? And also the setting I need to do in the IS file path ca/public? Is there anything with trusted certificates settings in IS admin console??

    Thanks in advance


    #webMethods
    #soa
    #API-Management


  • 2.  RE: Https handshake for weservice consumer

    Posted Fri June 19, 2009 11:23 AM

    Hello,

    I’m facing the same problem. Did you find any workaround?

    Jiorgos


    #soa
    #webMethods
    #API-Management


  • 3.  RE: Https handshake for weservice consumer

    Posted Tue January 12, 2010 04:07 PM

    Did you guys get a response to your issue? I am facing the same issue now.


    #soa
    #API-Management
    #webMethods


  • 4.  RE: Https handshake for weservice consumer

    Posted Tue January 12, 2010 04:43 PM

    In my case worked cause I added the certificate as trusted the /jdk1.6.0_14/jre/lib/security/cacerts file. Give it a try but make copy of the original file.

    keytool -keystore C:\Java\jdk1.6.0_14\jre\lib\security\cacerts -import -file customerCertificate.cert.crt.


    #soa
    #API-Management
    #webMethods


  • 5.  RE: Https handshake for weservice consumer

    Posted Wed October 06, 2010 11:01 AM

    Hi guys,

    I was having the same problem and i found my solution was to do with the proxy settings on the IS server.

    My IS had a proxy set up for HTTPS connections, and the server i was attempting to connect to was on the LAN and presumably returning a 404 message in http, which was affecting the error message.

    I added a bypass in the proxy settings. IS → Settings/Proxy Settings → Edit Proxy Settings → (add server to proxy bypass list).

    Hope this helps someone.


    #API-Management
    #webMethods
    #soa


  • 6.  RE: Https handshake for weservice consumer

    Posted Tue September 29, 2015 02:10 PM

    Here is the sample certificates that i generated and used to communicate 2 IS ( one acting as client and other as server on https port with require client cert)

    keytool is available in /jvm/bin

    For application1

    ****** Step 1: Creating the “public-private” key pair.
    keytool -genkey -alias application1 -validity 365 -keystore E:\SSL-Certs\application1_ks.jks -keysize 2048 -keyalg RSA

    E:\SSL-Certs\application1_ks.jks is the file that you will configure in application1 keystore

    ****** Step 2: Validate the “public-private” key pair.
    keytool -list -v -keystore E:\SSL-Certs\application1_ks.jks

    ****** Step 3: Extract the “public key” from the “public-private” key pair
    keytool -export -alias application1 -keystore E:\SSL-Certs\application1_ks.jks -rfc -file E:\SSL-Certs\application1_publickey.cer

    E:\SSL-Certs\application1_publickey.cer is the file you will configure in application2 client certificates

    ****** Step 4: Create the Truststore using the public key extracted.
    keytool -import -alias application1 -file E:\SSL-Certs\application1_publickey.cer -keystore E:\SSL-Certs\application1_ts.jks
    keytool -list -v -keystore E:\SSL-Certs\application1_ts.jks

    For application2

    ****** Step 5: Creating the “public-private” key pair.
    keytool -genkey -alias application2 -validity 365 -keystore E:\SSL-Certs\application2_ks.jks -keysize 2048 -keyalg RSA

    E:\SSL-Certs\application2_ks.jks is the file that you will configure in application2 keystore

    ****** Step 6: Validate the “public-private” key pair.
    keytool -list -v -keystore E:\SSL-Certs\application2_ks.jks

    ****** Step 7: Extract the “public key” from the “public-private” key pair
    keytool -export -alias application2 -keystore E:\SSL-Certs\application2_ks.jks -rfc -file E:\SSL-Certs\application2_publickey.cer

    E:\SSL-Certs\application2_publickey.cer is the file you will configure in application1 client certificates

    ****** Step 8: Create the Truststore using the public key extracted.
    keytool -import -alias application2 -file E:\SSL-Certs\application2_publickey.cer -keystore E:\SSL-Certs\application2_ts.jks
    keytool -list -v -keystore E:\SSL-Certs\application2_ts.jks

    ****** Step 9: Add both public cert to the truststore .
    keytool -import -alias application2 -file E:\SSL-Certs\application2_publickey.cer -keystore E:\SSL-Certs\application1_ts.jks
    keytool -import -alias application1 -file E:\SSL-Certs\application1_publickey.cer -keystore E:\SSL-Certs\application2_ts.jks

    E:\SSL-Certs\application1_ts.jks is the file that you will configure in application1 truststore
    E:\SSL-Certs\application2_ts.jks is the file that you will configure in application2 truststore


    #soa
    #API-Management
    #webMethods


Related Content