Question

7
Replies
2338
Views
SantoshV3553 Member since 2014 4 posts
CapGemini
Posted: 3 years ago
Last activity: 3 years 5 months ago
Closed
Solved

SSL handshake issue Rest connect

, I was still not able to find out the root cause. I have collected so many screen shots during my research during the week and as well in weekend.

Initially we had issue even connecting from SOAP UI tool. After configuring the SOAP UI tool to use TLS Version 1.2, it was able to make connection. Also, initially our XML format was in-correct and after fixing it we have received response from Hadoop Web service with response XML. We tried with Keys tore file in the SSL connection and without Keys tore file. Both situations the SOAP UI tool was able to get the response and expected results.

After referring Pega documentation, it was suggested to use the Key store file reference in the connect rule and where the file is imported into Data-Admin-KeyStore rule. I have created a keystore file with Hadoop SSL certificate imported into it and tried, but it did not work. Another suggestion was to add the Client Key Pair, but no success.

After this I have used the actual key store file that was created by Mike Mittman, in the Connect rule in Pega. The first error encountered was javax.net.ssl.SSLException: hostname in certificate didn't match.

PDN suggested to update the Dynamic system setting, Which I have tried. Provided the screen shot below. But again this was led to the another repeating error “Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated” which were seeing multiple times during our research. We have created the service ticket with Pega already. This might be related to the configuration of Pega and how Pega is making the SSL connection and sending the certificate details to connect to the Hadoop end point. We need some tomcat server level debugging and trace the communication.

I am guessing that Pega is not picking up the certificate details from the Key store file and sending them to the Hadoop End Point. Scroll to the bottom to see the Pega ticket details. We need to figure out this quickly and fix it

***Moderator Edit: Vidyaranjan | Tagged SR Created***

Data Integration Security SR Created
Moderation Team has archived post
Share this page LinkedIn