Quantcast

How to install SSL Certificates on OpenESB SE

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

How to install SSL Certificates on OpenESB SE

AshutoshSingh
This post has NOT been accepted by the mailing list yet.
Hello All,

I want to install SSL certificate on OpenESB server so that it can communicate with one https based servlet. I have developed the project using http-bc component to call the servlet. However in order to communicate with that I need to install the certificates at my OpenESB server end.

Is there any document which can be referred to perform this task on SE edition of OpenESB.

Thanks,
Ashutosh
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to install SSL Certificates on OpenESB SE

AshutoshSingh
This post has NOT been accepted by the mailing list yet.
Folks,

Just to add to my previous post. I am using http-bc type of WSDL and created the Bpel project. Also performed following steps

1. Created keystore.jks at %OPENESB_HOME%/keystore.jks path.
2. Created cacerts.jks at %OPENESB_HOME%/cacerts.jks path
3. Updated keystore and truststore with SSL certificate provided by the target application.

Now when I am testing my BPEL application I am getting ssl handskare error.
"
Caused by: com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
"
I need to know at what path http-bc adapter is looking for certificates. Required certificates are installed in my keystore and cacerts files. But looks like it is looking somewhere else.

Any help here is highly appreciated. Logs are attached.

Thanks,
Ashutosh
server.log
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to install SSL Certificates on OpenESB SE

AshutoshSingh
This post has NOT been accepted by the mailing list yet.
Anyone?

I think this is quite simple requirement but looks like no one has done this on SE edition. Lack of documentation is quite troublesome sometimes. Anyways I will update this post if I am able to fix this.

Thanks,
Ashutosh
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: How to install SSL Certificates on OpenESB SE

vishnu.piskala

Hi Ashutosh

 

The steps you have mentioned are correct. We are running OpenESB Standalone in https mode in production.

 

Just make sure that your certificates in keystore are chained. Have a look at this link: https://www.digicert.com/ssl-support/pem-ssl-creation.htm. Once you have created the chained certificate, you can then import it in keystore.

 

Regards

Vishnu

www.logicoy.com

 

 

 

 

From: AshutoshSingh [via OpenESB Community Forum] [mailto:[hidden email]]
Sent: Tuesday, May 17, 2016 6:42 PM
To: vishnu.piskala
Subject: Re: How to install SSL Certificates on OpenESB SE

 

Anyone?

I think this is quite simple requirement but looks like no one has done this on SE edition. Lack of documentation is quite troublesome sometimes. Anyways I will update this post if I am able to fix this.

Thanks,
Ashutosh


If you reply to this email, your message will be added to the discussion below:

http://openesb-community-forum.794670.n2.nabble.com/How-to-install-SSL-Certificates-on-OpenESB-SE-tp7581287p7581290.html

To start a new topic under OpenESB Community Forum, email [hidden email]
To unsubscribe from OpenESB Community Forum, click here.
NAML

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: How to install SSL Certificates on OpenESB SE

AshutoshSingh
This post has NOT been accepted by the mailing list yet.
This post was updated on .
Hello Vishnu,

Thanks for replying, really appreciate it.

I deleted installed certificates and reinstalled it. This time I used .pem file, earlier I installed it from .cer file.
Though my certificate does not have chain but looks like this is the right way of installing it in OpenESB.

Now It has started to work. No more handshake error.

Thanks a lot.

Regards,
Ashutosh
Loading...