| Author |
Message
|
| Bartez75 |
 Posted: Tue Oct 07, 2008 1:20 am Post subject: https error, SOAPRequest and HTTPRequest nodes |
 |
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
Hi,
I have a problem both with HTTPRequest node and SOAPRequest node. I'm trying to connect with SSL.
My error is:
| Quote: |
RecoverableException
File:CHARACTER:F:\build\S000_P\src\WebServices\WSLibrary\ImbWSRequest.cpp
Line:INTEGER:556
Function:CHARACTER:ImbWSRequest::makeWSRequest
Type:CHARACTER:
Name:CHARACTER:
Label:CHARACTER:
Catalog:CHARACTER:BIPv610
Severity:INTEGER:3
Number:INTEGER:3152
Text:CHARACTER:A Web Service request has detected a SOCKET error whilst invoking a web service located at host &1, on port &2, on path &3.
Insert
Type:INTEGER:5
Text:CHARACTER:
Insert
Type:INTEGER:2
Text:CHARACTER:31116
Insert
Type:INTEGER:5
Text:CHARACTER:/PlanServicesWeb/services/SchedulingFactory
SocketException
File:CHARACTER:F:\build\S000_P\src\WebServices\WSLibrary\ImbSocket.cpp
Line:INTEGER:2127
Function:CHARACTER:ImbSocketJNIManager::handleGeneralJavaException
Type:CHARACTER:
Name:CHARACTER:
Label:CHARACTER:
Catalog:CHARACTER:BIPv610
Severity:INTEGER:3
Number:INTEGER:3165
Text:CHARACTER:An error occurred whilst performing an SSL socket operation
Insert
Type:INTEGER:5
Text:CHARACTER:createSocket
Insert
Type:INTEGER:5
Text:CHARACTER:java.net.SocketException: Unconnected sockets not implemented
|
I'm able to connect to webservice and recive response via soapUi program.
I can connect there also with web browser. I test it from the same machine where broker 6.1 is installed.
I have added certificate to cacert keystore file in the broker to enable the HTTPRequest node for SSL with Server Authentication.
Did anyone have it before?
Is there any good example/description how to configure SSL connection with nodes SOAP Request or HTTPRequest on broker 6.1?
Last edited by Bartez75 on Tue Oct 07, 2008 3:36 am; edited 1 time in total |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Tue Oct 07, 2008 3:02 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20767
Location: LI,NY
|
|
| Back to top |
|
|
| Bartez75 |
| Posted: Wed Oct 08, 2008 1:48 am Post subject: |
|
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
Hi
Any help here? What to check first? |
|
| Back to top |
|
|
| Bartez75 |
| Posted: Tue Oct 28, 2008 3:08 am Post subject: |
|
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
Hi
I have found out that I have this error right now:
Default SSL context init failed: IBMKeyManager: Problem accessing key store java.lang.Exception: Keystore file does not exist: tws.jks
Do I need to create this keysstore tws.jks? Is that the problem?
If yes, how? With ikeyman?
I'm using broker 6.1. Where should it be added?
Can you please explain it in some steps, what should I do/check? |
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Tue Oct 28, 2008 5:02 am Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
My advice:
google -> "message Broker HTTPS" - > first link
Please read this.
If you have additional questions ask here.
_________________
Marcin |
|
| Back to top |
|
|
| Bartez75 |
| Posted: Tue Oct 28, 2008 1:24 pm Post subject: |
|
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Tue Oct 28, 2008 1:59 pm Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
| Quote: |
| Keystore file does not exist: tws.jks. |
It means that you are trying to use this keystore file for SSL authentication.
Problem is that this file doesn't exist.
_________________
Marcin |
|
| Back to top |
|
|
| Bartez75 |
| Posted: Wed Oct 29, 2008 3:09 am Post subject: |
|
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
Ok, file tws.jks is not created. What I did, was adding a file with extension .cer that I have saved from webservice from web browser to a cacerts.
How can I generate/get this tws.jks file? Sorry for maybe stupid questions. Is it something that I should get from webservice provider? What broker expects to have in that file? |
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Wed Oct 29, 2008 3:54 am Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
| Bartez75 wrote: |
Ok, file tws.jks is not created. What I did, was adding a file with extension .cer that I have saved from webservice from web browser to a cacerts.
How can I generate/get this tws.jks file? Sorry for maybe stupid questions. Is it something that I should get from webservice provider? What broker expects to have in that file? |
keystore -> store with your key pair.
truststore -> store with public keys of your partners
File tws.jks is not created but as you can see you configured broker to use it as your keystore. You can create this file with lots of tools (ikeyman, keytool , ...).
File with extension .cer is public key.
What you should do:
0. read documentation again.
no offence. I just think you don't understand SSL concept.
1. create / update existing keystore and create / place there your key pair
2. create truststore and place there public keys from your WS partner.
3. configure broker
_________________
Marcin |
|
| Back to top |
|
|
| Bartez75 |
| Posted: Fri Oct 31, 2008 5:51 am Post subject: |
|
|
Voyager
Joined: 26 Oct 2006
Posts: 80
Location: Poland, Wroclaw
|
Hi,
I have now this error:
Default SSL context init failed: IBMKeyManager: Problem accessing key store java.io.IOException: Keystore was tampered with, or password was incorrect
I think I tried different settings but still got this error. In this topic http://mqseries.net/phpBB2/viewtopic.php?t=45212&sid=2c63a6975600754721dc4b95b3f03743 you had this problem. Did you solve it? If yes, please post how. I tried also things that are described at the end of your topic but without success. |
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Fri Oct 31, 2008 6:16 am Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
I had only problems with SOAP nodes and SSL (APAR IC56802).
HTTP nodes and SSL work fine.
_________________
Marcin |
|
| Back to top |
|
|
| akashdwolf |
| Posted: Mon Mar 27, 2017 12:27 am Post subject: |
|
|
Apprentice
Joined: 09 Feb 2017
Posts: 28
Location: Mumbai
|
Before SOAP Request node use a compute node and use below piece of code:
SET OutputLocalEnvironment.Destination.SOAP.Request.Transport.HTTP.SSLProtocol = 'SSL_TLSv2';
We can use any of the below protocols depending on the destinations protocol
SSL, SSLv3, TLS, TLSv1, TLSv1.1, TLSv1.2, SSL_TLS, and SSL_TLSv2
one of them would surely work. |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Mon Mar 27, 2017 12:32 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
Do you want to share with us why you thought that re-openeing a thread that is NINE years old is a good thing?
Things have moved on since an awful lot since then...
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
|
|
