ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Using WebServices with Message Broker 6.0

Post new topic  Reply to topic
 Using WebServices with Message Broker 6.0 « View previous topic :: View next topic » 
Author Message
msilva18
PostPosted: Fri Dec 09, 2005 4:38 pm    Post subject: Using WebServices with Message Broker 6.0 Reply with quote

Apprentice

Joined: 25 Aug 2004
Posts: 31
Hi all:

I need to comunicate with a Web Service using a Certificate. I have a Message Flow with HTTP Request Node and I used the Keytool to import the certificate, but when I deploy my flow, I get an error:

<?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Server</faultcode>
<faultstring>BIP3113E: Exception detected in message flow HTTP IN (broker BROKER) </faultstring>
<faultactor>(HTTP) : /RENAPO_CONS</faultactor>
<detail>Exception. BIP2230E: Error detected whilst processing a message in node 'SAT_RENAPO_CONS_I_D.HTTP RENAPO'. : F:\build\S000_P\src\WebServices\WSLibrary\ImbWSRequestNode.cpp: 807: ImbWSRequestNode::evaluate: ComIbmWSRequestNode: SAT_RENAPO_CONS_I_D#FCMComposite_1_9
BIP3162S: An error occured whilst performing a Web Service request. The HTTP Request Header bitstream (if any) sent to the server was: 'X'486f73743a2039392e39302e35362e3136330d0a436f6e74656e742d4c656e6774683a20313035360d0a436f6e74656e742d547970653a20746578742f786d6c0d0a436f6e6e656374696f6e3a20636c6f73650d0a534f4150416374696f6e3a2022220d0a0d0a''. The HTTP Request Messsage Body bitstream (if any) sent to the server was: 'X'3c3f786d6c2076657273696f6e3d22312e30223f3e0d0a3c5341545f52454e41504f5f5152595f5245513e0d0a20203c4669656c6454797065733e0d0a202020203c5341545f4f55545f5152595f57524b20636c6173733d2252223e0d0a2020202020203c5341545f5452414e534143544e5f5459504520747970653d2243484152222f3e0d0a2020202020203c5341545f4355525020747970653d2243484152222f3e0d0a202020203c2f5341545f4f55545f5152595f57524b3e0d0a202020203c505343414d4120636c6173733d2252223e0d0a2020202020203c4c414e47554147455f434420747970653d2243484152222f3e0d0a2020202020203c41554449545f4143544e20747970653d2243484152222f3e0d0a2020202020203c424153455f4c414e47554147455f434420747970653d2243484152222f3e0d0a2020202020203c4d53475f5345515f464c4720747970653d2243484152222f3e0d0a2020202020203c50524f434553535f494e5354414e434520747970653d224e554d424552222f3e0d0a2020202020203c5055424c4953485f52554c455f494420747970653d2243484152222f3e0d0a2020202020203c4d53474e4f44454e414d4520747970653d2243484152222f3e0d0a202020203c2f505343414d413e0d0a20203c2f4669656c6454797065733e0d0a20203c4d7367446174613e0d0a202020203c5472616e73616374696f6e3e0d0a2020202020203c5341545f4f55545f5152595f57524b20636c6173733d2252223e0d0a20202020202020203c5341545f5452414e534143544e5f545950452049734368616e6765643d2259223e353c2f5341545f5452414e534143544e5f545950453e0d0a20202020202020203c5341545f435552502049734368616e6765643d2259223e53495a4d3738313231384844464c4c4e30333c2f5341545f435552503e0d0a2020202020203c2f5341545f4f55545f5152595f57524b3e0d0a2020202020203c505343414d4120636c6173733d2252223e0d0a20202020202020203c4c414e47554147455f43443e454e473c2f4c414e47554147455f43443e0d0a20202020202020203c41554449545f4143544e2f3e0d0a20202020202020203c424153455f4c414e47554147455f43443e454e473c2f424153455f4c414e47554147455f43443e0d0a20202020202020203c4d53475f5345515f464c472f3e0d0a20202020202020203c50524f434553535f494e5354414e43453e303c2f50524f434553535f494e5354414e43453e0d0a20202020202020203c5055424c4953485f52554c455f49442f3e0d0a20202020202020203c4d53474e4f44454e414d452f3e0d0a2020202020203c2f505343414d413e0d0a202020203c2f5472616e73616374696f6e3e0d0a20203c2f4d7367446174613e0d0a3c2f5341545f52454e41504f5f5152595f5245513e''. The HTTP Reply Header bitstream (if any) received from the server was: ''''. The HTTP Reply Message Body bitstream (if any) received from the server was: ''''. : F:\build\S000_P\src\WebServices\WSLibrary\ImbWSRequestNode.cpp: 747: ImbWSRequestNode::evaluate: :
BIP3152S: A Web Service request has detected a Socket error whilst invoking a web service located at host '99.90.56.163', on port 4443, on path '/wsCurp/services/DatosConsultaCurp'. : F:\build\S000_P\src\WebServices\WSLibrary\ImbWSRequest.cpp: 275: ImbWSRequest::makeWSRequest: :
BIP3165S: An error occured whilst performing an SSL socket operation. Operation: 'connect'. Error Text: 'javax.net.ssl.SSLHandshakeException: unknown certificate'. :
F:\build\S000_P\src\WebServices\WSLibrary\ImbSocket.cpp: 1241: ImbSocketJNIManager::handleGeneralJavaException: : </detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Anybody knows if I need to configure something in the flow for indicate the certificate to be use? Or if I need to do anything else to get a connection with a Web Service?

Thanks a lot.
_________________
Ing. Manuel Silva Zaldivar
Back to top
View user's profile Send private message MSN Messenger
mgk
PostPosted: Sat Dec 10, 2005 2:13 am    Post subject: Reply with quote

Padawan

Joined: 31 Jul 2003
Posts: 1642
Hi,

As the exception says, the problem is "'javax.net.ssl.SSLHandshakeException: unknown certificate'".

Check that the certificate is valid, is the correct one for the host you are connecting to. Also, can you post the keytool commands you used to enter the certificate. Also verify that the output of a keytool list shows the certificate is installed in the truststore for the brokers jvm.
_________________
MGK
The postings I make on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.
Back to top
View user's profile Send private message
msilva18
PostPosted: Mon Dec 12, 2005 7:45 am    Post subject: Reply with quote

Apprentice

Joined: 25 Aug 2004
Posts: 31
Hi,

The certificate is correct because other systems use the same certificate, in fact, I have the archive that contains the key to make certificates, then I'm sure that is correct.

I typed the list command to see the certificate and I think that is correct, this is the result:

C:\Program Files\IBM\MQSI\6.0\jre\bin>keytool -list -v -keystore cacerts
Enter keystore password: changeit

Keystore type: jks
Keystore provider: IBMJCE

Your keystore contains 1 entry

Alias name: renapo
Creation date: Dec 9, 2005
Entry type: trustedCertEntry

Owner: EMAILADDRESS=FOR TEST PURPOSES ONLY, CN=GET A REAL CERTIFICATE!!!, OU=DO
NOT USE COMMERCIALLY, O=Oracle DEMO, L=Redwood Shores, ST=California, C=US
Issuer: EMAILADDRESS=FOR TEST PURPOSES ONLY, CN=GET A REAL CERTIFICATE!!!, OU=DO
NOT USE COMMERCIALLY, O=Oracle DEMO CA, L=Redwood Shores, ST=California, C=US
Serial number: 57ea4fb9b8fed23d217c1ccc2637737b
Valid from: 10/19/01 1:38 AM until: 3/3/25 1:38 AM
Certificate fingerprints:
MD5: 70:8D:72:01:3D:CF:2B:71:09:0A:5A:C3:05:4F:E4:2D
SHA1: C4:11:DC:C9:85:50:3E:57:1C:DB:74:EF:F3:80:F8:50:06:32:8B:FA


*******************************************
*******************************************

This is my first time using certificates to comunicate with a Web Services, and maybe I dont know how to import a certificate, this are the instruction that I used, can you tell me if its correct?

C:\Program Files\IBM\MQSI\6.0\jre\bin>keytool -import -v -trustcacerts -alias renapo -file c:\renapo\b64certificate.txt -keypass anis1986 -keystore cacerts
Enter keystore password: changeit
Owner: EMAILADDRESS=FOR TEST PURPOSES ONLY, CN=GET A REAL CERTIFICATE!!!, OU=DO
NOT USE COMMERCIALLY, O=Oracle DEMO, L=Redwood Shores, ST=California, C=US
Issuer: EMAILADDRESS=FOR TEST PURPOSES ONLY, CN=GET A REAL CERTIFICATE!!!, OU=DO
NOT USE COMMERCIALLY, O=Oracle DEMO CA, L=Redwood Shores, ST=California, C=US
Serial number: 57ea4fb9b8fed23d217c1ccc2637737b
Valid from: 10/19/01 1:38 AM until: 3/3/25 1:38 AM
Certificate fingerprints:
MD5: 70:8D:72:01:3D:CF:2B:71:09:0A:5A:C3:05:4F:E4:2D
SHA1: C4:11:DC:C9:85:50:3E:57:1C:DB:74:EF:F3:80:F8:50:06:32:8B:FA
Trust this certificate? [no]: yes
Certificate was added to keystore
[Saving cacerts]

Thanks a lot...

Regards.
_________________
Ing. Manuel Silva Zaldivar
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Using WebServices with Message Broker 6.0
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.