Accessing an HTTPS web service from WAS web client
Posted by Albin Joseph | Posted in WebSphere | Posted on 17-04-2008
22
(1 votes, average: 5.00 out of 5)
Accessing an HTTPS web service from WAS web client
Calling an HTTPS web service is a hell, if all our configurations are not correct. Accessing or calling a secured or HTTPS web service from a WAS web client, involves some configuration at the WAS side. If we miss these configurations we will get some nice SSL exceptions.
In order to get rid of all these SSL exceptions we need to import the server certificate to WAS trust store. So first extract the server certificate. To extract the server security certificate enter the URL in the browser (I was using IE). The browser will show the security alert pop up. Click on View Certificate
Now click on the Details tab and click on ‘Copy to File’ button
The certificate export wizard will be open. Click on Next button. From the export file format page accept the default values (DER encoded binary X.509 (.CER) will be selected by default) and click on next.
In the next screen enter the location where we want to store our certificate. (I used d:\wps.cer)
Click next and finish. We will be presented with a dialog box saying ‘The export was successful’. OK. We have done with our certificate export. The next step is to import the SSL certificate to server trust file.
For importing the SSL certificate to WebSphere Application Server’s trust store we need to know the location of the trust store file. To check the SSL setting, login to admin console. Click on SSL under security menu. From the SSL configuration repertoires page click on your SSL settings configuration link. Find out the trust file name and path under Trust file section.
If you are using the default settings the trust file name will be DummyServerTrustFile.jks. The default path will be WAS_INSTALL_DIR/profiles/ /etc/
Now go to WAS_INSTALL_DIR/bin directory and execute the iKeyMan.bat file. The IBM Key Management utility will be opened up. Click on ‘Key Database File’ and select open. From the dialog box opened select Key database type as JKS and enter the Server trust file name and path (DummyServerTrustFile.jks in my case).
Click on OK button. You will be prompted to enter the password. If you are using the default server trust file the default password for DummyServerTrustFile.jks is WebAS. Enter the password and click on OK.
Click on Add and select the server SSL certificate file which we extracted using Internet Explorer. (If you are not able to find the add button, select the Signer certificates under Key database content drop down) Click on OK button. You will be prompted to enter a label for the certificate. Enter the label you want for the certificate and click on OK. The server SSL certificate will be added to the WebSphere Application Server trust store. You are done. Close IBM Key Management tool and restart the application server. Now you will be able to access HTTPS web service from within your WebSphere Application Server without any problems.
thanks .. i have been looking for a reply like this… not tried it yet.. but this should solve my problem.. as i was trying to access an https web-service from my WAS client.. and was getting all sorts of errors…
Thanks for this… I’ve been looking all over for this kind of info.
Excelente Guide Well Done
This was really good. Thanks for sharing this information.
Very useful and now my WS client is working for me. I had tried following other instructions to add the certificate to a dummy cert file and configure javax.ssl proprierties on WAS -> Process -> JVM -> Custom Propertie:
“javax.net.ssl.trustStore” -> “${WAS_INSTALL_ROOT}/profiles/AppSrv01/etc/DummyClientTrustFile.jks”
“javax.net.ssl.trustStorePassword” -> “WebAS”
“javax.net.ssl.keyStore” -> “${WAS_INSTALL_ROOT}/profiles/AppSrv01/etc/DummyClientKeyFile.jks”
“javax.net.ssl.keyStorePassword” -> “WebAS”
but did not work. I would like to know if such configuration would be also valid for WAS or not.
Carlos.
Hi,
Article is Gud enough for a newbie. I’ve done the settings in the websphere application server as mentioned. Next, how to call external https webservice from a JSP page / Servlet via WAS.
Advanced Thanks.
Please follow the steps in the below posts.
http://www.albeesonline.com/blog/2008/01/29/generating-a-web-service-proxy-client/
http://www.albeesonline.com/blog/2008/09/15/invoking-a-web-service-using-web-service-proxy-client/
Hi,
Thanks for giving good explanation. I have followed the steps u have mentioned.I have generated the wsdl file also . But now i have to give this wsdl file to client. But when i access the url in the browser it is not displaying the link to download the wsdl file . Instead it is showing “Hi there, this is a Web service!”. Can you please tell me how to display the download link to the client when he access the link.I have to show this to client with in 2 days..Please as soon as you c this message, please do reply Thanks in advance
can you please reply me as soon as you view this.. Please its very urgent
Sunil,
You need to point the url to the wsdl file. Append “?wsdl” to the url you’ll get the wsdl file
You can export the WSDL file from your workspace and give to the client and that is the best way to share WSDL. Or when you enter the endpoint url in the browser just append ?wsdl which will display the wsdl in the browser instead of Hi this is a web service.
Thanks a lot Andrew.. Thank you for your reply…. It is working….But the same when we give to client ,, what he is expecting was……… As soon as we click on the link https://localhost:10035/TestPOCWeb/services/HelloWorld , then he is expecting an hyperlink and when he clicks on that link he should be able to download the same wsdl file ….. So can u please help me in this regard..
Thanks a lot Albin….the same i have given to client …..but he said i dont want the wsdl file from workspace.. he told when he types that link https://localhost:10035/TestPOCWeb/services/HelloWorld he has to get one link so that from there he can download that wsdl file.. this is what he is expecting… so please guide me to move further as i am new to webspheres.. the same i have successfully done using BEA weblogic…..It has given me the hyperlink and i have downloaded it ??? Thaks in advance
Do they have access to admin console? If yes go to
under ‘Web Services Properties’ click on ‘Publish WSDL files’. From here you can publish your WSDL as a zip file. Hope this helps. I do not know any other way to publish a WSDL file after deployment in WAS.
I am sorry I do not know WebSphere content management.
One more thing i want to ask you…….do u know abount webspheres content management?? I also need some help regarding that… Thanks in advance
Hi Albin,
Thanks for your reply….One more small help i needed from you..when we are appending ?wsdl in IE, i am able to get the wsdl file contents… But when i c the URL in that wsdl file it is mentioning as
https://localhost:10035/TestPOCWeb/services/HelloWorld ,,, but i want it to come with my IP Address.. say for eg : https://192.168.1.34:10035/TestPOCWeb/services/HelloWorld,, so that the client can copy this url and he can access from his clientmachine… can u help me in this situation wy i am not able to get my ipaddress?
I guess it shows the address present in your original WSDL file. So you may need to change the hosted WSDL file.
Thanks a lot albin .. It worked for me
..Thanks a lot.. Really ur postings has helped me a lot.. Good work.. Keep it up 
Hi,
Am trying to call a 3rd party webservice (Axis) from a stand-alone client & it worked well.
But, when trying to call the same webservice via JSP deployed in websphere server, it throws the following error
00000fae SystemOut O 2009-12-15 16:02:03,217 DEBUG [WebContainer : 2050] ConfigurationException: Exception:
org.apache.axis.ConfigurationException: No service named is available
org.apache.axis.ConfigurationException: No service named is available
at org.apache.axis.configuration.FileProvider.getService(FileProvider.java:233)
at org.apache.axis.AxisEngine.getService(AxisEngine.java:311)
at org.apache.axis.MessageContext.setTargetService(MessageContext.java:756)
at org.apache.axis.client.Call.invoke(Call.java:2708)
at org.apache.axis.client.Call.invoke(Call.java:1910)
Can you pls tell us what is the problem ?
i’m trying to connect to a 3rd party developed web service from a jsp page.
The 3rd party web service is deployed in Axis and is working.
However, trying to use the webservice from within a JSP page, it results in the following exception.
SystemOut O 2009-12-15 16:02:03,217 DEBUG [WebContainer : 2050] ConfigurationException: Exception:
org.apache.axis.ConfigurationException: No service named is available
org.apache.axis.ConfigurationException: No service named is available
at org.apache.axis.configuration.FileProvider.getService(FileProvider.java:233)
at org.apache.axis.AxisEngine.getService(AxisEngine.java:311)
at org.apache.axis.MessageContext.setTargetService(MessageContext.java:756)
at org.apache.axis.client.Call.invoke(Call.java:2708)
at org.apache.axis.client.Call.invoke(Call.java:1910)
Albin,
I’ve sent an email to ur gmail. Can you check and reply back.
Thankx
It was so helpful, I was looking for the same issue, I have seen in IBM articles, but was hesitating to do.
Thanks a lot, U saved me atleast an hour. :