SSL錯誤而在IBM MobileFirst適配器使用內部CA

Question

環境：

1. WebSphere平臺8.5.5.0 [BASE 8.5.5.0 gm1319.01]與工序名稱Node01Cell \ NODE01 \ server1的運行和進程id 9392
2. 主機操作系統是Windows Server 2012中，6.2版本
3. Java版本1.6.0 =，Java編譯器= j9jit26，Java虛擬機的名稱= IBM J9 VM
4. IBM MobileFirst 6.3.0.00.20141127- 1357

HTTP適配器用於連接通過內部CA發出的HTTPS的WebService。

爲了訪問Webserivce內部根CA & Webserivce根據以下步驟，在WAS中手動添加公共證書。

SSL證書和密鑰管理>密鑰庫和證書> 節點默認>簽署者證書>添加>輸入別名 名稱&文件路徑。

但相同的是通過失敗，提示以下錯誤：從端口檢索。

ErrorReceived fatal alert: handshake_failure 

然而，我在

$覈實了內部CA & Web服務端點證書可{} CONFIG_ROOT /cells/Node01Cell/nodes/Node01/trust.p12

那些在MFP default.keystore中也添加了相同的證書，並啓用了worklight.properties文件中的密鑰庫。

雖然上面的配置似乎沒問題，但是當適配器的請求發送到webservice時，會記錄下面的錯誤。

[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, setSoTimeout(120000) called 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O 
Is initial handshake: true 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O %% No cached client session 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O *** ClientHello, TLSv1 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O RandomCookie: GMT: 1473400159 bytes = { 246, 214, 135, 72, 132, 51, 89, 33, 32, 31, 239, 155, 210, 120, 83, 221, 214, 84, 136, 207, 132, 51, 172, 126, 33, 192, 150, 43 } 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O Session ID: {} 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_RC4_128_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RENEGO_PROTECTION_REQUEST] 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O Compression Methods: { 0 } 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O *** 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O [write] MD5 and SHA1 hashes: len = 81 

[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, WRITE: TLSv1 Handshake, length = 81 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O [Raw write]: length = 86 

[3/22/17 14:09:35:744 ] 000000ae SystemOut  O [Raw read]: length = 5 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O 0000: 15 03 01 00 02          ..... 

[3/22/17 14:09:35:744 ] 000000ae SystemOut  O [Raw read]: length = 2 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O 0000: 02 28            .. 

[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, READ: TLSv1 Alert, length = 2 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, RECV TLSv1 ALERT: fatal, handshake_failure 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, called closeSocket() 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, called close() 
[3/22/17 14:09:35:744 ] 000000ae SystemOut  O WebContainer : 4, called closeInternal(true) 
[3/22/17 14:09:35:744 ] 000000ae DataAccessSer E logError FWLSE0099E: An error occurred while invoking procedure [project mobile]SampleAdapter/HttpRequestFWLSE0100E: parameters: [project mobile] 
Http request failed: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
FWLSE0101E: Caused by: [project mobile]javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failurejava.lang.RuntimeException: Http request failed: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
    at com.worklight.adapters.http.HTTPConnectionManager.execute(HTTPConnectionManager.java:236) 
    at com.worklight.adapters.http.HttpClientContext.doExecute(HttpClientContext.java:185) 
    at com.worklight.adapters.http.HttpClientContext.execute(HttpClientContext.java:169) 
    at com.worklight.adapters.http.HTTP.execRequest(HTTP.java:145) 
    at com.worklight.adapters.http.HTTP.invoke(HTTP.java:134) 

Webserivce URL是從瀏覽器訪問，在綠色，沒有錯誤或警告顯示SSL鎖顯示器。

Answer 1

應用最新的iFix爲IBM MobileFirst Platform Foundation (6.3.0.0)

這是因爲它包含了APAR PI42320修復應該解決的問題。