Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Michael Talbott (MichaelT1003)
Anthem

Anthem
US
MichaelT1003 Member since 2015 10 posts
Anthem
Posted: Sep 5, 2019
Last activity: Sep 5, 2019
Posted: 5 Sep 2019 15:43 EDT
Last activity: 5 Sep 2019 18:48 EDT
Closed

Soap Integration with Security issue.

Hi All,

I'm trying to integrate to an HTTPS secure wsdl. I'm receiving below linked issue.

** Security Exception. Check digital certificate. Enable SSL debugging for more details..
** Security exception. Unable to verify an authenticated connection; check digital certificate.

Things we know about the integration. The certificate is stored on the JVM and configured properly. The current endpoint we are using is in use in production as is sending requests and receiving responses.

What they have asked us to do is regenerate the wsdl. When I try to integrate using the The connector integration wizard this is the message that comes up.

Do I absolutely need to have a Keystore rule on the pega side or is having the certificate in truststore.xml ok?

This wsdl is avaible in a browser but not reachable from Pega side.

To see attachments, please log in.
Data Integration

Posted: 5 years ago
Posted: 5 Sep 2019 16:25 EDT
Kevin Zheng (KevinZheng_GCS)
PEGA
Director, Technical Support
Pegasystems Inc.
US

what is your app server (guess WAS?) and Pega version? Did you specify truststore in the connect-soap rule form? (that takes the precedence over JVM/app server level truststores). The wizard code flow is different from that of connect-soap runtime - which may explains why it works for connect-soap. Please attach the full pega rules logs if possible.

To see attachments, please log in.
Posted: 5 years ago
Posted: 5 Sep 2019 16:58 EDT
Michael Talbott (MichaelT1003)
Anthem

Anthem
US

Hi Kevin thanks for the response.

We have a tomcat appserver setup and pega version is 7.1.8. 

We did not have a trust store specified in the connect soap rule at all. 

I've looked through the logs and there is nothing more than the error message shown in the screen cap attached. I can access that endpoint in the browser which is very strange.

To see attachments, please log in.
Posted: 5 years ago
Posted: 5 Sep 2019 18:48 EDT
Michael Talbott (MichaelT1003)
Anthem

Anthem
US

Hi Kevin,

 

Here is a snippet of the log when integrating.

 

Show More

Hi Kevin,

 

Here is a snippet of the log when integrating.

 

2019-09-05 11:04:29,314 [97.6.30-8557-exec-11] [TABTHREAD4] [                    ] [       FICR:02.01.01] (ateURLSource._baseclass.Action) ERROR <ip redacted> af77800 - Caught exception when connecting to https<IP redacted>
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
at com.pega.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at com.pega.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:398)
at com.pega.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at com.pega.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at com.pega.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at com.pega.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at com.pega.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at com.pega.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:825)
at com.pega.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:759)
at com.pega.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:737)
at com.pegarules.generated.activity.ra_action_pyvalidateurlsource_7ed25a914720005314d9b758dc04974d.step8_circum0(ra_action_pyvalidateurlsource_7ed25a914720005314d9b758dc04974d.java:845)
at com.pegarules.generated.activity.ra_action_pyvalidateurlsource_7ed25a914720005314d9b758dc04974d.perform(ra_action_pyvalidateurlsource_7ed25a914720005314d9b758dc04974d.java:188)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10521)
at com.pegarules.generated.activity.ra_action_pyvalidatesourcelocation_ca032eb4a7cfe916fc73eeb9b0a1077c.step5_circum0(ra_action_pyvalidatesourcelocation_ca032eb4a7cfe916fc73eeb9b0a1077c.java:585)
at com.pegarules.generated.activity.ra_action_pyvalidatesourcelocation_ca032eb4a7cfe916fc73eeb9b0a1077c.perform(ra_action_pyvalidatesourcelocation_ca032eb4a7cfe916fc73eeb9b0a1077c.java:140)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10521)
at com.pegarules.generated.activity.ra_action_pxparsewsdl_0fbd508ccb43f4cfed125bf88e56183f.step5_circum0(ra_action_pxparsewsdl_0fbd508ccb43f4cfed125bf88e56183f.java:650)
at com.pegarules.generated.activity.ra_action_pxparsewsdl_0fbd508ccb43f4cfed125bf88e56183f.perform(ra_action_pxparsewsdl_0fbd508ccb43f4cfed125bf88e56183f.java:139)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pegarules.generated.callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.callActivity07_10_17(callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.java:122)
at com.pegarules.generated.callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.invoke(callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.java:82)
at com.pega.pegarules.generation.internal.library.LibraryRuntime.resolveAndinvokeFunctionViaReflection(LibraryRuntime.java:133)
at com.pega.pegarules.generation.internal.library.LibraryRuntime.invokeLibraryRuntime(LibraryRuntime.java:110)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeLibraryRuntime(Executable.java:8954)
at com.pega.pegarules.priv.generator.LibrarySupport.resolveAndInvokeFunctionViaReflection(LibrarySupport.java:181)
at com.pegarules.generated.pega_rules_utilities.callActivity(pega_rules_utilities.java:1744)
at com.pegarules.generated.flowaction.ra_action_pxloadwsdl_b6f839d4bb47a5fbe5addabf97686aac.RunFlowActionActivity_circum0(ra_action_pxloadwsdl_b6f839d4bb47a5fbe5addabf97686aac.java:364)
at com.pegarules.generated.flowaction.ra_action_pxloadwsdl_b6f839d4bb47a5fbe5addabf97686aac.perform(ra_action_pxloadwsdl_b6f839d4bb47a5fbe5addabf97686aac.java:72)
at com.pega.pegarules.session.internal.mgmt.Executable.doAction(Executable.java:3305)
at com.pegarules.generated.activity.ra_action_runflowactionactivity_58efc1b6f854c94714f657cadaebe7ff.step3_circum0(ra_action_runflowactionactivity_58efc1b6f854c94714f657cadaebe7ff.java:383)
at com.pegarules.generated.activity.ra_action_runflowactionactivity_58efc1b6f854c94714f657cadaebe7ff.perform(ra_action_runflowactionactivity_58efc1b6f854c94714f657cadaebe7ff.java:103)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10521)
at com.pegarules.generated.activity.ra_action_completeassignment_8fd843cab8c8d0313a5515ca79f06e62.step9_circum0(ra_action_completeassignment_8fd843cab8c8d0313a5515ca79f06e62.java:1339)
at com.pegarules.generated.activity.ra_action_completeassignment_8fd843cab8c8d0313a5515ca79f06e62.perform(ra_action_completeassignment_8fd843cab8c8d0313a5515ca79f06e62.java:225)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pegarules.generated.callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.callActivity07_10_17(callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.java:122)
at com.pegarules.generated.callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.invoke(callActivity_071017_xvj4o_pyNDBZ4Gy293rekg.java:82)
at com.pega.pegarules.generation.internal.library.LibraryRuntime.resolveAndinvokeFunctionViaReflection(LibraryRuntime.java:133)
at com.pega.pegarules.generation.internal.library.LibraryRuntime.invokeLibraryRuntime(LibraryRuntime.java:110)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeLibraryRuntime(Executable.java:8954)
at com.pega.pegarules.priv.generator.LibrarySupport.resolveAndInvokeFunctionViaReflection(LibrarySupport.java:181)
at com.pegarules.generated.pega_rules_utilities.callActivity(pega_rules_utilities.java:1744)
at com.pegarules.generated.activity.ra_action_performflowaction_dcc0518232737c778d7b712de85b2ed5.step18_circum0(ra_action_performflowaction_dcc0518232737c778d7b712de85b2ed5.java:1706)
at com.pegarules.generated.activity.ra_action_performflowaction_dcc0518232737c778d7b712de85b2ed5.perform(ra_action_performflowaction_dcc0518232737c778d7b712de85b2ed5.java:365)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10521)
at com.pegarules.generated.activity.ra_action_finishassignment_d0045083e1b45f7e2330fe3464a87513.step10_circum0(ra_action_finishassignment_d0045083e1b45f7e2330fe3464a87513.java:1435)
at com.pegarules.generated.activity.ra_action_finishassignment_d0045083e1b45f7e2330fe3464a87513.perform(ra_action_finishassignment_d0045083e1b45f7e2330fe3464a87513.java:229)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3500)
at com.pega.pegarules.session.internal.mgmt.base.ThreadRunner.runActivitiesAlt(ThreadRunner.java:646)
at com.pega.pegarules.session.internal.mgmt.PRThreadImpl.runActivitiesAlt(PRThreadImpl.java:461)
at com.pega.pegarules.session.internal.engineinterface.service.HttpAPI.runActivities(HttpAPI.java:3322)
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:385)
at sun.reflect.GeneratedMethodAccessor85.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.pega.pegarules.session.internal.PRSessionProviderImpl.performTargetActionWithLock(PRSessionProviderImpl.java:1248)
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:986)
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:819)
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequest(EngineAPI.java:331)
at com.pega.pegarules.session.internal.engineinterface.service.HttpAPI.invoke(HttpAPI.java:850)
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl._invokeEngine_privact(EngineImpl.java:315)
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:263)
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:240)
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngineInner(JNDIEnvironment.java:278)
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngine(JNDIEnvironment.java:223)
at com.pega.pegarules.web.impl.WebStandardImpl.makeEtierRequest(WebStandardImpl.java:574)
at com.pega.pegarules.web.impl.WebStandardImpl.doPost(WebStandardImpl.java:374)
at sun.reflect.GeneratedMethodAccessor84.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:367)
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:408)
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:223)
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:272)
at com.pega.pegarules.internal.web.servlet.WebStandardBoot.doPost(WebStandardBoot.java:121)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:612)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1736)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1695)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Unknown Source)

Show Less
To see attachments, please log in.
Posted: 5 years ago
Posted: 5 Sep 2019 17:44 EDT
Kevin Zheng (KevinZheng_GCS)
PEGA
Director, Technical Support
Pegasystems Inc.
US

You can refer to this link: https://collaborate.pega.com/question/configuring-two-way-ssl-pega-74-apache-tomcat. For you, you only need to configure truststore if it is just one way SSL to the endpoint. You said it was already done at JVM level, can you share the current JVM arguments? It should work either way (server.xml or JVM).

To see attachments, please log in.
Posted: 5 years ago
Posted: 5 Sep 2019 18:47 EDT
Michael Talbott (MichaelT1003)
Anthem

Anthem
US

We dont have direct access to the server nor the configurations of the environments. Another team handles it. I will have to get back to tommorow for the JVM arguments or the server.xml file. I will let you know in the morning. Thanks alot for the help.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice