Skip to Main Content
Forums

Cloud Platform

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Handshake failure (SSLException) with REST connector

BaduelMar 31 2016 — edited Apr 18 2016

Hello experts,

I'm trying to test a REST connector with this security policy: oracle/http_basic_auth_over_ssl_client_policy

I have a .pfx certificate that I've imported in my OS (and in Google Chrome) in order to test the direct connection to the service with Postman; in this case everything works fine.

I've converted the .pfx certificate in a .pem format in order to read the base-64 encoded certificate. The certificate looks like the following:

Bag Attributes

    localKeyID: [...]

    friendlyName: [...]

subject=[...]

issuer=[...]

-----BEGIN CERTIFICATE-----

MIID4zCCAsugAwIBAgIEVuvqJDANBgkqhkiG9w0BAQ0FADCBrTEqMCgGCSqGSIb3

[...]

-----END CERTIFICATE-----

Bag Attributes: [...]

subject=[...]

issuer=[...]

-----BEGIN CERTIFICATE-----

MIIEDzCCAvegAwIBAgIEVOxP+DANBgkqhkiG9w0BAQsFADCBrTEqMCgGCSqGSIb3

[...]

-----END CERTIFICATE-----

Bag Attributes

    localKeyID: [...]

    friendlyName: [...]

Key Attributes: [...]

-----BEGIN PRIVATE KEY-----

MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC57SpHJa2BIRNP

[...]

-----END PRIVATE KEY-----

Here the steps I performed:

  1. In Administration > Keys & Certificates > SSL Certificates, I've pasted the part between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- (included) in order to create the certificate. I've performed this step once for each block certificate (first question, why I have two of these blocks?);
  2. In the CSF Keys tab I've created a new key with a username and a password that I've choosen in that moment;
  3. In Applications > Connectors I've created a new connector, with no rule and the security policy oracle/http_basic_auth_over_ssl_client_policy. In the Policy Overrides section, I've selected the csf-key with the key previously created;
  4. In the test section I select the Mobile Backend with the current version, a valid username and password trying to test the connector.

The result is the following:

{

  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",

  "status": 500,

  "title": "Internal exception invoking Rest Connector.",

  "detail": "An unexpected exception occurred internal to the REST Connector. Review the exception and try calling the service again. If the exception occurs again, contact Oracle Support Services.",

  "o:ecid": "005BpJm3XdXA9T3_Rlc9yd0003TG00000y, 0:4:5:1:22:10",

  "o:errorCode": "MOBILE-16202",

  "o:errorPath": "/internal-tools/env/1.0/ui-tooling/endpoint/mobile/connector/[connector_name]",

  "o:errorDetails": [

  {

  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",

  "title": "javax.net.ssl.SSLException",

  "detail": "Received fatal alert: handshake_failure"

  }

  ]

}

Probably I've wrong/missed some steps. Someone can help?

Thanks in advance.

Manuel
Comments
Post Details
Added on Mar 31 2016
#connector, #mobile-intelligent-bot-and-mobile-analytics, #mobile-intelligent-bot-and-mobile-analytics-discussion, #rest, #ssl, #tech-exchange
7 comments
2,140 views