Blogs   »   Security   »   Post:

webMethods step by step https communication from Integration server
Jan 27, 2012 10:01 0 Comments Security Vikram

 

Task: Https communication from wM Integration server

 

OS: WindowsOS

 

Platform: webMethods 6.1

 

Here we are having a scenario where in which we need to communicate/send a message to an Https URL using pub.client.http service.

 

Sample Scenario: 

Communication from webMethods to xyzlogistics(sending data to a Tibco system) using Https URL.

1)      First we need to check weather the firewalls between the two communicating servers were open or not.

 

If the firewalls between the two servers were not open then we will be getting “connection timedout” or

“Connection refused” Error.

 

alt

 

2)      Once the firewalls were open then check it weather we can ping the destination server or not,  for this log on to putty and do telnet

 

 

If the firewalls are open then you will get a response else there u will get the following error:

 

alt

 

 

Once you confirm the firewall openings, still u find problem while sending the data to https url using pub.client.http service.

 

alt

 

 

3) Then you have to get the client certificate.

In order to get the xyzlogistics client certificate we have followed the procedure

 

openssl s_client –connect B2B.edc.xyzlogistics.com:443 > ~/test.cert

 

Then we can find the client certificate/xyzlogistics certificate at our root directory.

 

alt

 

 

4) It usually comes as .cert extension, rename it to .der then we can find this

 

alt

 

 

5) Copy the certificate to /webMeth/webMethods61/IntegrationServer/config/ClientCertificates

 

alt

 

 

6) Then go to security -> Certificates

 

alt

 

 

Then give the path where the actual physical certificate is located

 

alt

 

 

And then click on import certificate

 

Then we can find the certificate installed and appears in the certificates list

 

alt

 

 

7) Restart webmethods server

 

8) Then again try doing client.http.

 

9) It should work, if it does not works and again throws ssl exception or  server certificate rejected by chain verifier exception then it’s a slef signed certificate not a CA

 

alt

The above mentioned certificate is a self signed certificate since its issuer is xyzlogistics, were as in a CA certificate you can find the issuer as virisign or other party.

 

10) If we have self signed certificate then place the certificate at config/CACertificates folder then restart the server

 

Now you can successfully do pub.client.http using the https url followed by  data,username and password.

 

Prev Next
About the Author
client name
Vikram Forums Topics4 Blog Posts7 IQs Posts5 Video Posts0
DOJ:  19 Jun 2014
Topic Replies (0)
Leave a Reply
Guest User
You might also like

Not sure what course is right for you?

Choose the right course for you.
Get the help of our experts and find a course that best suits your needs.

Let`s Connect