on 08-25-2011 1:28 PM
We have a requirement to invoke external partners synchronous webservice using HTTP over SSL (HTTPS) and also all the communication to be performed with client authentication, or two-way SSL.
Accordingly we are using SOAP Adapter 7.11 with following configuration:
Transport Protocol- HTTP
Message Protocol- SAOP 1.1
Configure Certificate Authentication-enabled
Keystore Entry - Our Private Certificate
Keystore View - Trusted CAs
When we try to invoke the webservice we are getting following error:
additional info ssl_debug(226): Starting handshake (iSaSiLk 4.403)...
ssl_debug(226): Sending v3 client_hello message to webservices.staging0.paymentnet.jpmorgan.com:1308, requesting version 3.1...
ssl_debug(226): Received v3 server_hello handshake message.
ssl_debug(226): Server selected SSL version 3.1.
ssl_debug(226): Server created new session 2D:3C:26:4B:DF:44:77:AC...
ssl_debug(226): CipherSuite selected by server: SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(226): CompressionMethod selected by server: NULL
ssl_debug(226): Server does not supports secure renegotiation.
ssl_debug(226): Received certificate handshake message with server certificate.
ssl_debug(226): Server sent a 1024 bit RSA certificate, chain has 3 elements.
ssl_debug(226): ChainVerifier: Found a trusted certificate, returning true
ssl_debug(226): Received certificate_request handshake message.
ssl_debug(226): Accepted certificate types: RSA, DSA
ssl_debug(226): Accepted certificate authorities:
ssl_debug(226): (empty list)
ssl_debug(226): Received server_hello_done handshake message.
ssl_debug(226): Sending certificate handshake message with RSA client certificate...
ssl_debug(226): Sending client_key_exchange handshake...
ssl_debug(226): Sending certificate_verify handshake message...
ssl_debug(226): Sending change_cipher_spec message...
ssl_debug(226): Sending finished message...
ssl_debug(226): Received alert message: Alert Fatal: bad certificate
ssl_debug(226): SSLException while handshaking: Peer sent alert: Alert Fatal: bad certificate
ssl_debug(226): Shutting down SSL layer...
I am able to successfully test through third party soap client like Soap UI.
Could you please help me what am I missing here.
Thanks
Rajeev Gupta
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your response, but as you can see from the following logs both the client(PI) and the server(external webService) are using SSL veersion 3.1
ssl_debug(226): Sending v3 client_hello message to XXX, requesting version 3.1...
ssl_debug(226): Received v3 server_hello handshake message.
ssl_debug(226): Server selected SSL version 3.1.
Thanks
Rajeev Gupta
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.