Troubleshooting: Receive SSL handshake error on WebSphere Commerce Developer

When running configuration or administration scripts on Websphere Commerce Developer, such as enabling a feature, an SSL handshake failure error is displayed.

Problem

An attempt to run a configuration or administration script on Websphere Commerce Developer fails with an SSL handshake failure error message similar to the following:

[publishEar] CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=imt109.cn.ibm.com, OU=localhost, OU=localhost, O=IBM, C=US" was sent from target host:port "localhost:9633". The signer may need to be added to local trust store "C:/IBM/SDP/runtimes/base_stub/etc/trust.p12" located in SSL configuration alias "DefaultSSLSettings" loaded from SSL configuration file "file:C:\IBM\SDP/runtimes/base_stub/properties/ssl.client.props". The extended error message from the SSL handshake exception is: "No trusted certificate found".

[publishEar] CWPKI0040I: An SSL handshake failure occurred from a secure client. The server's SSL signer has to be added to the client's trust store. A retrieveSigners utility is provided to download signers from the server but requires administrative permission. Check with your administrator to have this utility run to setup the secure environment before running the client. Alternatively, the com.ibm.ssl.enableSignerExchangePrompt can be enabled in ssl.client.props for "DefaultSSLSettings" in order to allow acceptance of the signer during the connection attempt.

Solution

  1. Right-click the server and select Open.
  2. Navigate to the Security panel.
  3. Select Security is enabled on this server.
  4. Enter the user ID and password for the currently active authentication settings.
    Note: The user ID and password must be the same as the WebSphere® Application Server Primary Administrative User ID and password provided by the WebSphere Commerce Integration wizard.
  5. Select Automatically trust server certificate during SSL handshake.
  6. Click Test connection to test the connection.
  7. Close the WebSphere Commerce Developer toolkit.
  8. Try again to run the configuration or administration script.