SSL 握手失败，无法从 WSO2 ESB 代理服务调用 Tibco BW6 安全 API

Question

I have created a proxy service in WSO2 ESB 4.9.0 and I am calling a secured https API which is made in Tibco BW6. This API is secured with SSL security. When I send my message from proxy service to Tibco API, I get SSL hand shake problem.
Also I have imported a client.cer certificate in my jks carbon key store on my WSO2 ESB but still I am unable to send my message on API. Note: I have no experience about SSL

ERROR IN LOGS: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

Answer 1

You can export the server certificate via the browser. Then import it into the client-truststore.jks. For trouble shooting you may have to do an SSL debug and my blog post [1] will help you doing this.

You can follow the following steps to import your server certificate into wso2esb client's keystore as follows:

• Go to backend service in your browser, and then click the HTTPS trust icon on the address bar (eg, the padlock next to the URL in Firefox).
• View the certificate details (the steps vary by browser) and then export the trust certificate to the file system.
• Use the ESB Management Console or the following command to import that certificate into the ESB client keystore. keytool -importcert -file -keystore /repository/resources/security/client-truststore.jks -alias "your-alias"
• Restart the server.

Happy coding!

[1] http://ravindraranwala.blogspot.com/2014/11/ssl-debugging-in-wso2-esb.html