0

I am facing the SSL Exception file Keystore.jks not found only in one environment rest of the environment works fine we have 4 environments.

i am calling a rest http url by using DefaultHttpClient . i have developed this in java and plugged in the jar to our IBM BPM process.

 DefaultHttpClient httpclient = new DefaultHttpClient();

                  List<String> authpref = new ArrayList<String>();                     
                  authpref.add(AuthPolicy.NTLM);

                  NTCredentials ntlm =new NTCredentials(userName, password, "", "XXXX");       
                  httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);

           //     httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
           //     UsernamePasswordCredentials creds = new UsernamePasswordCredentials(userName,password);  
           //     httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);

                  httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, ntlm);

                  String finalURL = baseURL  +folderpath;
                  finalURL = finalURL.replaceAll(" ", "%20");
                  System.out.println("final URL --->"+finalURL);
                  HttpGet request2 = new HttpGet(finalURL);  // target
                  request2.addHeader("Accept", "application/json;odata=verbose");

                   HttpResponse response2 = null;
                  response2 = httpclient.execute(request2);

i have also tried using a custom http client. 

public class CustomHTTPClient
{
  public DefaultHttpClient getNewHttpClient()
  {
    try
    {
      KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
      trustStore.load(null, null);
      MySSLSocketFactory sf = new MySSLSocketFactory(trustStore);
      sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
      HttpParams params = new BasicHttpParams();
      HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
      HttpProtocolParams.setContentCharset(params, "UTF-8");

      SchemeRegistry registry = new SchemeRegistry();
      registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
      registry.register(new Scheme("https", sf, 443));

      ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);

      return new DefaultHttpClient(ccm, params);
    }
    catch (Exception e) {}
    return new DefaultHttpClient();
  }
}

public class MySSLSocketFactory
  extends org.apache.http.conn.ssl.SSLSocketFactory
{
  SSLContext sslContext = SSLContext.getInstance("TLS");

  public MySSLSocketFactory(KeyStore truststore)
    throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
  {
    super(truststore);

    TrustManager tm = new X509TrustManager()
    {
      public void checkClientTrusted(X509Certificate[] chain, String authType)
        throws CertificateException
      {}

      public void checkServerTrusted(X509Certificate[] chain, String authType)
        throws CertificateException
      {}

      public X509Certificate[] getAcceptedIssuers()
      {
        return null;
      }
    };
    this.sslContext.init(null, new TrustManager[] { tm }, null);
  }

  public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
    throws IOException, UnknownHostException
  {
    return this.sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
  }

  public Socket createSocket()
    throws IOException
  {
    return this.sslContext.getSocketFactory().createSocket();
  }
}

This is a rest http URL not the https. Can any one advise please

mktl
  • 29
  • 1
  • 6
  • I would suggest looking at the start up params/arguments being passed to what I'd guess would be websphere or the configuration files as likely you have something incorrect with regards to the path to the keystore. On startup you should see an error relating to it. – JGlass Feb 07 '18 at 14:18
  • We have checked the params/arguments and rest of the configurations all look similar. – mktl Feb 09 '18 at 11:11
  • config in was looks as below – mktl Feb 09 '18 at 11:30
  • On these `keyStore="KeyStore_1447230154787" trustStore="KeyStore_2"`, is this the same "path" as is used on the other environments that work? I mean, you dont really have a path, just a file name but are the other servers/environments the same? Are the two keystore files referenced above in the EXACT same location as in the other environments? Also, just a sanity check, do those files have the same name? One think I note, and not sure it matters is almost everything has this at end 1447230154787 but this is different Property_1500233465478? – JGlass Feb 09 '18 at 13:57

0 Answers0