0
votes

We have a websphere application that must connect to a webservice over https. Websphere Application server has version 8.5.5

We have the wsdl of the service, so we were able to create the client using the JAX-WS wizard in eclipse 4.5.

The SSL connection requires both accepting the server certificate and authentication with client certificate (private key).

The restriction we have is that the SSL configuration must be at application level, and not at server level. In a first time we were able to configure the server with the repective certificates in the default truststore and keystore, but that configuration was not accepted.

So we created a SSL configuration with a keystore that includes both the signer certificates of the server of the webservice and the personal certificate (with the private key) of the client. Type is JKS.

We suppose that we have to create in some way a "Web services Client security bindings" in Applications > Application Types > WebSphere enterprise applications > application_name > Manage Module > module_name > Web services: Client security bindings, but that list is empty:

enter image description here

Currently when we try to test the service client we get the exception:

exception: javax.xml.ws.soap.SOAPFaultException: 
  javax.net.ssl.SSLHandshakeException: General SSLEngine problem
1

1 Answers

1
votes

You need to import the SSL certificate into the Web SPhere truststore, you can do it from here:

Security > SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates > Retrieve from port

or

You can directly upload the certificate from:

SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates > Add signer certificate

Hope this solves your issue.