Configuring SSL certificates for Link Java WEB Client
This documentation explains how to configure an SSL certificate for the Link Java WEB client.
About this task
Note:
- Please note that if you encounter the following error while configuring the
HCH runtime server, you will need to import the Link server certificate into
the JRE keystore or truststore. This problem occurs when java web clients
try to access web servers that have server certificates signed by unknown
authority.
com.hcl.tx.server.impl.ServiceException: An error was encountered when invoking an endpoint: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. - Please note that if you encounter the following license-related SSL errors
when accessing a UNICA platform running on HTTPS, you will need to import
the Unica Link platform certificate into the JRE (Java Runtime Environment)
keystore or truststore. This problem occurs when java web clients try to
access web servers that have server certificates signed by unknown
authority.
SEVERE [https-jsse-nio-8443-exec-5] com.hcl.hip.ws.resources.AuthFilter.checkLicense Invalid license, request GET https://localhost:8443//tx-server/rest/v1/tx/license_check//platform failed, this Link instance is not licensed to execute the request.SEVERE [https-jsse-nio-8443-exec-5] com.hcl.hip.ws.resources.AuthFilter.checkLicense This Link instance is not licensed to execute the REST requests. Error: Internal Server Error
To configure SSL certificates for the Link Java WEB client, complete thefollowing steps:
Procedure
-
Collect the WEB server certificate by executing the following command:
For Link Server openssl s_client -connect <Link server hostname>:<PORT> For Unica Platform openssl s_client -connect <UNICA platform hostname>:<PORT> -
Copy the following content from the generated output after running the earlier
command and save the certificate in either .cer file
format:
------BEGIN CERTIFICATE------ .......... ------END CERTIFICATE------ -
Import the certificate from the file (created in step 2) into JRE (Java Runtime
Environment) keystore using the following command:
For Windows
sudo keytool -import -trustcacerts -keystore <Link installation folder>/java/lib/security/cacerts -storepass changeit -noprompt -alias <Alias> -file <Cert File path>For Linux Nativesudo keytool -import -trustcacerts -keystore <Link installation folder>/tomcat-context/install/java/lib/security/cacerts -storepass changeit -noprompt -alias <Alias> -file <Cert File path - Restart Link.