When WebSphere Process Server and WebSphere Enterprise Service Bus applications do a handshake with another application on a different Websphere Application Server, an SSL handshake failure occurs.
The following exception exists in the log file:
SECJ0056E: Authentication failed for reason No Client Certificate Available
$WS* headers are standard HTTP headers, such as $WSAT, which stores the Auth Type that is being used to make the request. There are other $WS* headers, such as $WSCC, $WSCS, $WSIS, and $WSSC. By default, the WebSphere Process Server and WebSphere Enterprise Bus HTTP binding will not refactor these $WS* header values when they pass through the process. If the Propagate HTTP header option is enabled, WebSphere Process Server and WebSphere Enterprise Service Bus propagate them from export to import.
The HTTP binding code for WebSphere Process Server and WebSphere Enterprise Service Bus does not refactor the value in the $WS* header. When the handshake takes place with other applications on a different server, the authentication information in the $WS* header is used. This scenario causes the handshake failure.
Resolving the problem
To resolve the issue, complete one of the following options:
- You can write customized code to refactor the values in these $WS* headers. You can find an overview and a code sample in the following information center topics:
- If the $WS* header information is not usable, you can disable the Propagate HTTP header option to work around this issue.
|Business Integration||WebSphere Enterprise Service Bus||Data Binding||AIX, HP-UX, Linux, Solaris, Windows||7.0|
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.