Support Article

Connect-REST fails with PeerUnverifiedException in 2 way SSL

SA-25439

Summary



The user is trying to build a REST-Connect rule to connect to another system. It is a 2 way SSL communication and both of the consumer and service provider have installed the necessary SSL certificates on server. However, the REST connectivity is still failing with exception.

Error Messages


** Caught unhandled exception: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

[7/7/16 9:22:27:087 MST] 00000054 SystemOut     O WebContainer : 5, received EOFException: error
[7/7/16 9:22:27:087 MST] 00000054 SystemOut     O WebContainer : 5, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake


Steps to Reproduce

  1. Create a Connect-REST rule after installing the necessary SSL certificates on both consumer and server end.
  2. Try test connectivity.


Root Cause



The keystore used in the connect rule was missing the client system's  key pair. User only imported the client system's  certificate in the truststore

Resolution



For two way SSL one must create and use truststore containing service provider certificate  and Keystore containing the client system key pair and use them in the Connect REST rule.

​Secondly import the client certificate in the server trust store where the REST service is hosted.  After importing the key pair in the
keystore, used in the connect rule, the issue is resolved.

Published July 8, 2016 - Updated August 16, 2016

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.