Posts JDeveloper 11g: SOA composite referencing 2-way-SSL-enabled webservice at design+deployment time
Post
Cancel

JDeveloper 11g: SOA composite referencing 2-way-SSL-enabled webservice at design+deployment time

I just spent an embarrassingly long time figuring this out.

Design Time
You're designing your composite and you need to integrate it with some external web service over SSL. You attempt to add the partner link and it may fail right away (cannot read WSDL) OR it may read it BUT JDeveloper's schema validator may fail to parse the service' schema.

Review your HTTPS Credentials (Tools -> Preferences -> Credentials -> HTTPS Credential) settings and also make sure you've set up your keystores and truststores correctly. There is plenty of documentation regarding SSL, keystores and keytool (albeit all a bit confusing, at least for me) out there.

Easy.

Deployment Time
This is where you will get the dreaded "received fatal_alert: bad_certificate". This part vexed me. If the above was done right, why is compilation/deployment failing?

The issue is that the HTTPS Credential settings are applied only on the process that performs the schema validation, and not the one that does the final compilation/deployment.

Add these entries to your jdev.conf ($MWHOME/jdeveloper/jdev/bin/jdev.conf):

  • AddVMOption -Dweblogic.security.SSL.enableJSSE=true (this one might not be required)
  • AddVMOption -Djavax.net.ssl.trustStore=PATH_TO_HTTPSCREDENTIAL_TRUSTSTORE
  • AddVMOption -Djavax.net.ssl.trustStorePassword=TRUSTSTORE_PWD
  • AddVMOption -Djavax.net.ssl.keyStore=PATH_TO_HTTPSCREDENTIAL_KEYSTORE
  • AddVMOption -Djavax.net.ssl.keyStorePassword=KEYSTORE_PWD

Restart JDeveloper. You're welcome.
This post is licensed under CC BY 4.0 by the author.