Thursday, 4 February 2016

IBM BPM - General SSLEngine problem

I saw this earlier today: -

... <soapenv:Body xmlns:soapenv="" xmlns:soapenc="" xmlns:xsd="" xmlns:xsi=""><soapenv:Fault><faultcode>soapenv:Server</faultcode><faultstring> General SSLEngine problem</faultstring></soapenv:Fault></soapenv:Body>

whilst trying to test a newly created IBM BPM component.

I'm using IBM Integration Designer (IID), which has a built-in Integration Test Environment (ITE), which is really just a standalone, single server BPM Process Server.

My BPM component, an SCA module, makes a call to a Web Service hosted on a separate, external, IBM ODM Rules Decision Server ( aka Hosted Transparent Decision Service ) : -

Given that I was making a call from one WAS to another, I worked on the assumption that SSL was the problem - yes, the message does kinda imply that.

I proved this by updating the binding of the BPM SCA Import component from the HTTPS URL to: -

This, of course, worked, thus validating my hypothesis.

I then retrieved the SSL Signer Certificate that the ODM Decision Server  presented into the WAS trust store: -

AdminTask.retrieveSignerFromPort('[-keyStoreName NodeDefaultTrustStore -keyStoreScope (cell):'+cellID+' -host -port 9444 -certificateAlias ODM -sslConfigScopeName (cell):'+cellID+' ]') 

and re-tried my BPM process.

This time, of course, it worked OK :-)

Easy when you know how :-)

No comments: