Service Virtualization

Hi All,

I am triggering 1 SOAP request message in which the endpoint is "https" and its one way ssl, so no need of certificate required. I'm using DevTest 9.0 as my workstation. When trigger that request message with one way ssl endpoint, I'm getting below error:

<ns1:stackTrace xmlns:ns1="javax.net.ssl.SSLHandshakeException" rel="nofollow" target="_blank">http://xml.apache.org/axis/">javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
 at sun.security.ssl.Alerts.getSSLException(Unknown Source)
 at sun.security.ssl.Alerts.getSSLException(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
 at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:535)
 at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
 at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
 at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
 at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
 at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
 at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
 at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
 at com.itko.lisa.ws.axis.LisaHTTPSender.doInvoke(LisaHTTPSender.java:497)
 at com.itko.lisa.ws.axis.LisaHTTPSender.invoke(LisaHTTPSender.java:274)
 at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
 at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
 at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
 at org.apache.axis.client.Call.invokeEngine(Call.java:2837)
 at org.apache.axis.client.Call.invoke(Call.java:2820)
 at com.itko.lisa.ws.nx.NxWSStep.executeCall(NxWSStep.java:383)
 at com.itko.lisa.ws.nx.NxWSStep.execute(NxWSStep.java:287)
 at com.itko.lisa.ws.nx.ui.NxWSStepEditor$6.run(NxWSStepEditor.java:599)</ns1:stackTrace>

Now another thing that I wanted to let you know is that When I'm using LISA 7.5.1 I'm getting correct response but when I use DevTest 9.0 the above error is generated.

Please let me know on this.

Hi Abhi,

Verify what are the SSL properties you have in the local.properties for your 7.5.1 Workstation and try to set the same properties on your 9.0 installation (copy the properties from 7.5.1 and paste in the new local.properties file for 9.0).

Do you have the property below enabled in 7.5.1?

   ssl.checkexpiry=false

Hope it helps.

Heloisa

Hi Maria,

I tried everything from my side adding the local properties file of LISA 7.5.1 below code in DevTest 9.0 then also same issue I'm facing-

lisa.default.keystore={{LISA_HOME}}webreckeys.ks
lisa.default.keystore.pass=passphrase

About " ssl.checkexpiry=false", No its not their in LISA 7.5.1 and I tried to add in DevTest 9.0 same issue faced after  restarting the Workstation.

My Server is in different Machine should I add the " ssl.checkexpiry=false" in Server as well?

Please let me know on this.

Thanks,

Abhi

Hi deoma03,

Any suggestions on the above issue?

Thanks,

Abhi

Hi Abhi,

First, try to make sure you are able to access that HTTPS endpoint from a different tool running on the same machine where the Workstation is running - you can try web browser, your 7.5.1 Workstation, SoapUI, a REST client...

If the request works fine from a different tool, please add the following property to the Workstation.vmoptions file (you will find the vmoptions file under $DEVTEST_HOME/bin folder):

-Djavax.net.debug=ssl

This property will add debug SSL handshake information to the Workstation log files. From these debug messages we should be able to find more details about the exception you are facing. 

If your request doesn't work fine from a different tool running on the same host, then the issue is not with DevTest.

In case the issue is only with DevTest, please open a support ticket and attach the workstation log files with the SSL debug details.

You can open a support case via support.ca.com or you can call the number 1-800-225-5224.

Thank you,

Heloisa

   Have you added any certificate details (Root cert) to cacert located in <Devtest_home>/jre/lib/securities folder in Devtest 7.5.1 and missing in Devtest 9.0?

Hi Srikanth,

No, I have not changed any settings in my DevTest.

Thanks,

Abhishek

Please raise a support case with the details through support.ca.com. We will take a look and resolve your issue.

Thanks,

Srikanth