Support Article
Rule-SOAP-Connect rule throws "Invalid keystore format" error
SA-2594
Summary
User was trying to run Rule-SOAP-Connect rule to invoke a custom service that was SSL enabled. Though user has security certificate installed correctly, an error, “Invalid keystore format” was thrown.
Error Messages
12:38:31,780 [ http-8443-35] (a.PegaSSLProtocolSocketFactory) ERROR your_server.your_domain.com|127.0.0.1|Rule-Connect-SOAP.MYORG-Int-ESL-InfoService-.getHistory User002 - Invalid keystore format
Steps to Reproduce
Invoke the SOAP Connect rule, it throws the error.
Root Cause
1. From the Advanced tab of Connect SOAP rule, there was no WS Security Profile specified, which should have a keystore and truststore linked to it. Due to this misconfiguration, user was getting following warning message in the log file:
12:06:51,600 [ http-8443-35] (Axis2.Rule_Connect_SOAP.Action) WARN your_server.your_domain.com|127.0.0.1|Rule-Connect-SOAP.MYORG-Int-ESL-InfoService-.getHistory User001- Unable to find Data-Admin-Security-WSSecurityProfile while trying to access a SSL endpoint without WS-Security Profile configured.
2. User was experiencing following error due to format of keystore specified.
12:03:43,735 [ http-8443-1] (a.PegaSSLProtocolSocketFactory) ERROR your_server.your_domain.com|127.0.0.1|Rule-Connect-SOAP.MYORG-Int-ESL-InfoService-.getHistory User002 - Invalid keystore format
java.io.IOException: Invalid keystore format
Resolution
Follow the below procedure to invoke Connector with HTTPS without any issues.
- Create a WS Security Profile and map the same in Advanced tab of Connect SOAP rule.
- Add a Keystore to the Profile.
- Upload the Keystore file, and set the type and password.
Published January 31, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.