An SSL handshake failure occurs with $WS* HTTP headers in an HTTP binding for WebSphere Process Server (WPS) or WebSphere Enterprise Service Bus (WESB)
When WebSphere Process Server and WebSphere Enterprise Service Bus applications do a handshake with another application on a different Websphere Application Server, an SSL handshake failure occurs.
The following exception exists in the log file:
SECJ0056E: Authentication failed for reason No Client Certificate Available
$WS* headers are standard HTTP headers, such as $WSAT, which stores the Auth Type that is being used to make the request. There are other $WS* headers, such as $WSCC, $WSCS, $WSIS, and $WSSC. By default, the WebSphere Process Server and WebSphere Enterprise Bus HTTP binding will not refactor these $WS* header values when they pass through the process. If the Propagate HTTP header option is enabled, WebSphere Process Server and WebSphere Enterprise Service Bus propagate them from export to import.
The HTTP binding code for WebSphere Process Server and WebSphere Enterprise Service Bus does not refactor the value in the $WS* header. When the handshake takes place with other applications on a different server, the authentication information in the $WS* header is used. This scenario causes the handshake failure.
Resolving the problem
To resolve the issue, complete one of the following options:
- You can write customized code to refactor the values in these $WS* headers. You can find an overview and a code sample in the following information center topics:
- If the $WS* header information is not usable, you can disable the Propagate HTTP header option to work around this issue.
|Business Integration||WebSphere Enterprise Service Bus||Data Binding||AIX, HP-UX, Linux, Solaris, Windows||7.0|
More support for:
WebSphere Process Server
Data Bindings and Data Handlers
Software version: 7.0
Operating system(s): AIX, HP-UX, Linux, Solaris, Windows
Reference #: 1617960
Modified date: 2012-11-29