Connect to SSL certificate secured WebService from WebSphere

Question

we have WAS (Websphere Application Server) 7 web service, that is somekind of proxy to other party SSL secured WebService.

When using our WebService (Client) outside WAS (for example using eclipse) it will connect with no problem, but not inside WAS. I have also created test service that is using function to print other party WebService (Server) wsdl.

public void testSSL() {
  URL u;
  InputStream is = null;
  DataInputStream dis;
  String s;

  try {

    System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
    System.setProperty("javax.net.ssl.keyStore", "/home/...");  //path to jks certificate
System.setProperty("javax.net.ssl.keyStorePassword", "******");
System.setProperty("javax.net.ssl.requireClientAuth", "true");

u = new URL("https://...?WSDL");
is = u.openStream();         // throws an IOException
dis = new DataInputStream(new BufferedInputStream(is));

while ((s = dis.readLine()) != null) {
    System.out.println(s);
}
  } catch (MalformedURLException mue) {
 System.out.println("Ouch - a MalformedURLException happened.");
 mue.printStackTrace();
 System.exit(1);
  } catch (IOException ioe) {
 System.out.println("Oops- an IOException happened.");
 ioe.printStackTrace();
 System.exit(1);
  } finally {
 try {
    is.close();
 } catch (IOException ioe) {
    // just going to ignore this one
 }
  } // end of 'finally' clause
} 

Answer 1

Your issue is probably because the certificate of the remote server is not trusted by the Websphere server. If your local testing is on Windows it will be using the same key store as Internet Explorer uses.

Rather than trying to configure the keystore in your Java code using System.SetProperty() take a look in the Websphere Admin Console under Security > SSL certificate and key management > Key stores and certificates

Its likely that your Java code kis being overridden by the servers own configuration.

If you post the Exceptions you're getting it will be easier to advise.