Hi Shalini
Please let me know the timezone that you are in. Will do a webex
on Monday to sort this out.
Regards.
Sankar
On Sat, 4 Nov, 2023, 15:53 Shalini Murukes via Broadcom, <
mail@broadcom.com>
wrote:
> Hi Sankar, Few more information for your reference, My project uses both
> REST API call for one section of our application and SOAP API call...
> [image: Broadcom] <https: community.broadcom.com="">
> Service Virtualization
> <https: community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer?communitykey="94bda077-625b-4914-8ac3-c88a06c2cc23">
> Post New Message <
broadcom-servicevirtualization@connectedcommunity.org>
> Re: How to use SSL Certificate for REST API call
> <https: community.broadcom.com/enterprisesoftware/discussion/how-to-use-ssl-certificate-for-rest-api-call#bma96ecfe6-4bc0-4a83-b801-018b99cc529d="">
> Reply to Group
> <
broadcom_servicevirtualization_a96ecfe6-4bc0-4a83-b801-018b99cc529d@connectedcommunity.org?subject=re:+how+to+use+ssl+certificate+for+rest+api+call> Reply
> to Sender
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/postreply?messagekey="a96ecfe6-4bc0-4a83-b801-018b99cc529d&ListKey=d4484a56-be7e-428f-99d1-26cc0f5a617e&SenderKey=65e1ec20-76b9-4608-92ca-171ed3297893">
> [image: Shalini Murukes]
> <https: community.broadcom.com/network/members/profile?userkey="65e1ec20-76b9-4608-92ca-171ed3297893">
> Nov 4, 2023 6:24 AM
> Shalini Murukes
> <https: community.broadcom.com/network/members/profile?userkey="65e1ec20-76b9-4608-92ca-171ed3297893">
>
> Hi Sankar,
>
> Few more information for your reference,
>
> My project uses both REST API call for one section of our application and
> SOAP API call for another section of the application . We have been using
> certificate for the SOAP API section since a long time. But the SSL
> certificate for the REST API is being implemented recently.
>
> The Endpoint for the REST API call will be of this format ,
>
> {{Endpoint_Rest_Protocol}}://{{Username}}:{{Password}}@
> {{Endpoint_Rest}}/ws/svc/cxcsampletest/
>
> {{Endpoint_Rest_Protocol}} = https
>
> {{Endpoint_Rest}} = sampleurl-samplecheck.com
>
> In the local.properties of the workstation , if I provide the values as
> below,
>
> ssl.client.cert.path=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
> ssl.client.cert.pass=password
>
> and
>
> lisa.net.trustStore=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
> lisa.net.trustStore.password=password
>
> Both the .jks file are the same and have the same password. SInce you
> mentioned that we need to pass the JKS format in the truststore, I tried
> this way, and it gives the below handshake error,
>
> | Trapped Exception: sun.security.validator.ValidatorException: PKIX path
> building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>
> | Trapped Message: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>
> But,
>
> In the local.properties, if I provide the values as below,
>
>
> ssl.client.cert.path=C:\\Users\\1234567\\DevTest\\Projects\\certificateRestAPI
> (1).pfx
> ssl.client.cert.pass=certpassword
>
> and
>
> lisa.net.trustStore=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
> lisa.net.trustStore.password=password
>
> Note that the password for the .pfx format is different from the password
> of the .jks format.
>
> I get the below error,
>
> | Message: javax.net.ssl.SSLHandshakeException: Remote host closed
> connection during handshake
>
> ----------------------------------------------------------------------------
> | Trapped Exception: Remote host closed connection during handshake
> | Trapped Message: javax.net.ssl.SSLHandshakeException: Remote host
> closed connection during handshake
>
> ----------------------------------------------------------------------------
> STACK TRACE
> javax.net.ssl.SSLHandshakeException: Remote host closed connection during
> handshake
> *Reply to Group Online
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/postreply?messagekey="a96ecfe6-4bc0-4a83-b801-018b99cc529d&ListKey=d4484a56-be7e-428f-99d1-26cc0f5a617e">*
> *Reply to Group via Email
> <
broadcom_servicevirtualization_a96ecfe6-4bc0-4a83-b801-018b99cc529d@connectedcommunity.org?subject=re:+how+to+use+ssl+certificate+for+rest+api+call>*
> *View Thread
> <https: community.broadcom.com/enterprisesoftware/discussion/how-to-use-ssl-certificate-for-rest-api-call#bma96ecfe6-4bc0-4a83-b801-018b99cc529d="">*
> *Recommend
> <https: community.broadcom.com:443/enterprisesoftware/discussion/how-to-use-ssl-certificate-for-rest-api-call?messagekey="a96ecfe6-4bc0-4a83-b801-018b99cc529d&cmd=rate&cmdarg=add#bma96ecfe6-4bc0-4a83-b801-018b99cc529d">*
> *Forward
> <https: community.broadcom.com/enterprisesoftware/communities/all-discussions/forwardmessages?messagekey="a96ecfe6-4bc0-4a83-b801-018b99cc529d&ListKey=d4484a56-be7e-428f-99d1-26cc0f5a617e">*
> *Flag as Inappropriate
> <https: community.broadcom.com/enterprisesoftware/discussion/how-to-use-ssl-certificate-for-rest-api-call?markappropriate="a96ecfe6-4bc0-4a83-b801-018b99cc529d#bma96ecfe6-4bc0-4a83-b801-018b99cc529d">*
>
> -------------------------------------------
> Original Message:
> Sent: Nov 03, 2023 01:20 PM
> From: Sankar Natarajan
> Subject: How to use SSL Certificate for REST API call
>
> Hi Shalini
> USER_HOME refers typically to the windows folder
> c:\users\
>
>
>
> You are subscribed to "Service Virtualization" as
>
sankar.natarajan@broadcom.com. To change your subscriptions, go to My
> Subscriptions
> <http: community.broadcom.com/preferences?section="Subscriptions">. To
> unsubscribe from this community discussion, go to Unsubscribe
> <http: community.broadcom.com/higherlogic/egroups/unsubscribe.aspx?userkey="36e7cc73-528a-48f6-8c4b-455a0e4cdb59&sKey=KeyRemoved&GroupKey=d4484a56-be7e-428f-99d1-26cc0f5a617e">.
>
>
> Copyright © 2005-2023 Broadcom. All Rights Reserved. The term "Broadcom"
> refers to Broadcom Inc. and/or its subsidiaries.
>
> Hosted by Higher Logic, LLC on the behalf of Broadcom - Privacy Policy
> <https:
www.broadcom.com/company/legal/privacy-policy=""> | Cookie Policy
> <https:
www.higherlogic.com/legal/privacy=""> | Supply Chain Transparency
> <https:
www.broadcom.com/company/citizenship/governance-and-ethics#supply="">> | Terms of Use <http: termsandconditions="">
>
--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.
Original Message:
Sent: 11/4/2023 6:24:00 AM
From: Shalini Murukes
Subject: RE: How to use SSL Certificate for REST API call
Hi Sankar,
Few more information for your reference,
My project uses both REST API call for one section of our application and SOAP API call for another section of the application . We have been using certificate for the SOAP API section since a long time. But the SSL certificate for the REST API is being implemented recently.
The Endpoint for the REST API call will be of this format ,
{{Endpoint_Rest_Protocol}}://{{Username}}:{{Password}}@{{Endpoint_Rest}}/ws/svc/cxcsampletest/
{{Endpoint_Rest_Protocol}} = https
{{Endpoint_Rest}} = sampleurl-samplecheck.com
In the local.properties of the workstation , if I provide the values as below,
ssl.client.cert.path=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
ssl.client.cert.pass=password
and
lisa.net.trustStore=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
lisa.net.trustStore.password=password
Both the .jks file are the same and have the same password. SInce you mentioned that we need to pass the JKS format in the truststore, I tried this way, and it gives the below handshake error,
| Trapped Exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| Trapped Message: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
But,
In the local.properties, if I provide the values as below,
ssl.client.cert.path=C:\\Users\\1234567\\DevTest\\Projects\\certificateRestAPI (1).pfx
ssl.client.cert.pass=certpassword
and
lisa.net.trustStore=C:\\Users\\1234567\\DevTest\\Projects\\RestAPI.jks
lisa.net.trustStore.password=password
Note that the password for the .pfx format is different from the password of the .jks format.
I get the below error,
| Message: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
----------------------------------------------------------------------------
| Trapped Exception: Remote host closed connection during handshake
| Trapped Message: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
----------------------------------------------------------------------------
STACK TRACE
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
Original Message:
Sent: Nov 03, 2023 01:20 PM
From: Sankar Natarajan
Subject: How to use SSL Certificate for REST API call
Hi Shalini
USER_HOME refers typically to the windows folder
c:\users\</http:></https:></https:></https:></http:></http:></https:></https:></https:></https:></broadcom_servicevirtualization_a96ecfe6-4bc0-4a83-b801-018b99cc529d@connectedcommunity.org?subject=re:+how+to+use+ssl+certificate+for+rest+api+call></https:></https:></https:></https:></broadcom_servicevirtualization_a96ecfe6-4bc0-4a83-b801-018b99cc529d@connectedcommunity.org?subject=re:+how+to+use+ssl+certificate+for+rest+api+call></https:></broadcom-servicevirtualization@connectedcommunity.org></https:></https:></mail@broadcom.com>