Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Connection to remote server fails on using OAuth2 authentication

SA-68094

Summary



Connection to a remote server fails when using OAuth2 authentication URL in the REST Connector.

The connection fails when the TrustStore and KeyStore certificates are added in IBM WebSphere Application Server (WAS) 8.5 (even when the TrustStore or KeyStore is removed from Pega connector or OAuth2 rules). The connection works when using TrustStore and KeyStore instances in the Connector and OAuth2 Provider Pega rules.


Error Messages



Exception caught during REST Connector connectivity test : Connection to service failed 
com.pega.pegarules.pub.PRRuntimeException: Connection to service failed 
at com.pegarules.generated.activity.ra_action_pytestconnectivity_d635922153ac73401e27464beddb7a97.step6_circum0(ra_action_pytestconnectivity_d635922153ac73401e27464beddb7a97.java:830)         at com.pegarules.generated.activity.ra_action_pytestconnectivity_d635922153ac73401e27464beddb7a97.perform(ra_action_pytestconnectivity_d635922153ac73401e27464beddb7a97.java:167) 
at
com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3510) 
at
com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10587) 
at com.pegarules.generated.activity.ra_action_pzresttestconnectivitywrapper_9c51604e010c0cf5bc9c3cd7bc376f8c.step3_circum0(ra_action_pzresttestconnectivitywrapper_9c51604e010c0cf5bc9c3cd7bc376f8c.java:372) 
at  com.pegarules.generated.activity.ra_action_pzresttestconnectivitywrapper_9c51604e010c0cf5bc9c3cd7bc376f8c.perform(ra_action_pzresttestconnectivitywrapper_9c51604e010c0cf5

Caused by:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated 
at
com.ibm.jsse2.ad.getPeerCertificates(ad.java:197)
at
com.pega.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) 
at
com.pega.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:398) 
at
com.pega.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:496) 
at com.pega.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:62) 
at  com.pega.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)


Steps to Reproduce

  1. Create a REST Connector to invoke an Oauth2 protected Web Service.
  2. Invoke the connector from an activity or a datapage.
  3. Include the Truststore or Keystore in the application server.
  4. Do not specify the Truststore or Keystore in the ruleform.
  5. Run the Connector.


Root Cause



A defect in Pegasystems’ code or rules.


Resolution



Apply HFix-34245.


 

Tags:

Pega Platform 7.2.1 Pega Platform Platform Data Integration

Published December 11, 2018 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Collaboration Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us