| Author |
Message
|
| limal_raja |
 Posted: Thu Mar 17, 2011 1:19 pm Post subject: HTTPRequest node calling a webservice in datapower |
 |
|
Novice
Joined: 11 Nov 2009
Posts: 19
|
I have the following very simple flow.
mqinput--> httprequest --> mqoutput
And the HTTPRequest node points to a very simple webservice(whatever request is sent will be echoed back in the response) hosted on DataPower.
I have done all the checks for certificates related configs and necessary settings in the HTTPRq node properties.
But i am getting the following error in broker trace :
2011-03-17 17:08:52.828323 11244 RecoverableException BIP3152S: Socket error detected whilst invoking Web service located at host 'vtest01esb', port 443, path '/loopback'.
This may be a transient error, such as a server not responding, or a symptom of an invalid hostname or port number.
Check that the hostname and port number are valid, and point to a functioning Web service.
2011-03-17 17:08:52.828346 11244 SocketException BIP3165S: An error occurred whilst performing an SSL socket operation. Operation: 'connect'. Error Text: 'java.net.SocketException: Connection reset'.
This may be a temporary error, such as a server not responding, or a symptom of an invalid hostname or port number.
See the following messages for information pertaining to this error.
2011-03-17 17:08:53.830135 11244 Error BIP2648E: Message backed out to a queue; node 'TEST_RQ.TEST_RQ'.
and the following error on datapower:
Event Code 0x806000ca -
The SSL subsystem was unable to locate the peer's X.509 certificate during protocol negotiation.
valcred (Unified_Gateway_ValCred): SSL Proxy Profile 'Unified_Gateway_SSL_Proxy_Profile': connection error: peer did not send a certificate |
|
| Back to top |
|
 |
| harish_td |
| Posted: Sun Mar 20, 2011 5:14 am Post subject: Re: HTTPRequest node calling a webservice in datapower |
|
|
Master
Joined: 13 Feb 2006
Posts: 236
|
| limal_raja wrote: |
valcred (Unified_Gateway_ValCred): SSL Proxy Profile 'Unified_Gateway_SSL_Proxy_Profile': connection error: peer did not send a certificate |
Looks like you have Forward/2 way validation turned on within your SSL Proxy profile on DataPower.
Have you added the Message Broker certificate to your Validation Credentials?
When you use a tool like soapUI to send a message from your HTTP Request node, do you see the personal certificate being sent along with your request? |
|
| Back to top |
|
|
| limal_raja |
| Posted: Tue Mar 22, 2011 6:43 am Post subject: |
|
|
Novice
Joined: 11 Nov 2009
Posts: 19
|
1.) Yes we have Forward/2 way validation turned on within your SSL Proxy profile on DataPower
2.) Yes we have added the Message Broker certificate to your Validation Credentials?
3.) As you can see from the we have: mqinput--> httprequest --> mqoutput.
And i use RFHUTil to test this. When i put a message into the queue using RFHUtil i get the hand shake exception on the queue. I dont see the certificate being sent and that is the issue i want to resolve and am stuck with. |
|
| Back to top |
|
|
| harish_td |
| Posted: Tue Mar 22, 2011 7:56 pm Post subject: |
|
|
Master
Joined: 13 Feb 2006
Posts: 236
|
Wouldn't just Identification Credentials be enough to secure WMB communication with DataPower?
Is there a specific need that you would like to implement Validation Credentials? |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Mar 23, 2011 2:44 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| You have configured the HTTPRequest node to do SSL, and configured all the necessary pieces on the broker side to know the certificate to use and to trust the datapower certificate? |
|
| Back to top |
|
|
|
|
