cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Secure HTTP over SSL (HTTPS) with Client Authentication

Former Member

on ‎08-25-2011 1:28 PM

0 Kudos

We have a requirement to invoke external partners synchronous webservice using HTTP over SSL (HTTPS) and also all the communication to be performed with client authentication, or two-way SSL.

Accordingly we are using SOAP Adapter 7.11 with following configuration:

Transport Protocol- HTTP

Message Protocol- SAOP 1.1

Configure Certificate Authentication-enabled

Keystore Entry - Our Private Certificate

Keystore View - Trusted CAs

When we try to invoke the webservice we are getting following error:

additional info ssl_debug(226): Starting handshake (iSaSiLk 4.403)...

ssl_debug(226): Sending v3 client_hello message to webservices.staging0.paymentnet.jpmorgan.com:1308, requesting version 3.1...

ssl_debug(226): Received v3 server_hello handshake message.

ssl_debug(226): Server selected SSL version 3.1.

ssl_debug(226): Server created new session 2D:3C:26:4B:DF:44:77:AC...

ssl_debug(226): CipherSuite selected by server: SSL_RSA_WITH_3DES_EDE_CBC_SHA

ssl_debug(226): CompressionMethod selected by server: NULL

ssl_debug(226): Server does not supports secure renegotiation.

ssl_debug(226): Received certificate handshake message with server certificate.

ssl_debug(226): Server sent a 1024 bit RSA certificate, chain has 3 elements.

ssl_debug(226): ChainVerifier: Found a trusted certificate, returning true

ssl_debug(226): Received certificate_request handshake message.

ssl_debug(226): Accepted certificate types: RSA, DSA

ssl_debug(226): Accepted certificate authorities:

ssl_debug(226): (empty list)

ssl_debug(226): Received server_hello_done handshake message.

ssl_debug(226): Sending certificate handshake message with RSA client certificate...

ssl_debug(226): Sending client_key_exchange handshake...

ssl_debug(226): Sending certificate_verify handshake message...

ssl_debug(226): Sending change_cipher_spec message...

ssl_debug(226): Sending finished message...

ssl_debug(226): Received alert message: Alert Fatal: bad certificate

ssl_debug(226): SSLException while handshaking: Peer sent alert: Alert Fatal: bad certificate

ssl_debug(226): Shutting down SSL layer...

I am able to successfully test through third party soap client like Soap UI.

Could you please help me what am I missing here.

Thanks

Rajeev Gupta

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Shabarish_Nair
Active Contributor
‎08-25-2011 1:34 PM
0 Kudos

this seems to be similar-

Show replies
Show replies
Former Member
‎08-25-2011 1:40 PM
0 Kudos

Thanks for your response, but as you can see from the following logs both the client(PI) and the server(external webService) are using SSL veersion 3.1

ssl_debug(226): Sending v3 client_hello message to XXX, requesting version 3.1...

ssl_debug(226): Received v3 server_hello handshake message.

ssl_debug(226): Server selected SSL version 3.1.

Thanks

Rajeev Gupta

former_member188791
Participant
‎11-26-2015 11:25 AM
0 Kudos

Hi Rajeev,

i am also facing same issue, could you please let me know how you solved this.

Ask a Question