I am trying to configure our WSDL (https://servername/sc62server/PWS/IncidentManagement.wsdl) to use HTTPS. We have a 3rd party vendor we want to expose our WSDL to so they can push tickets over a bridge and tickets will be generated in our HP SM system. We have a w2k8 server running HP SM 9.21 along with the WSDL. We have a web tier running on websphere and desktop client users as well. We are not using SSL for any of these other connections and don't want to. We only want to use SSL for our exposed WSDL to our vendor. I started out by updating the SM.ini to the following so the app would listen on port 443.
Going to (https://servername/sc62server/PWS/IncidentManagement.wsdl) now works but I get a certificate error.
I will outline what I've done to this point below for attempting to create a cert We would like to use a verisign cert, not a self signed cert but will take help on either way.
1. created keys
keytool -genkey -alias server.domain.com -keyalg RSA -keystore server.keystore
keytool -certreq -alias server.domain.com -keyalg RSA -file servernamekeystore.csr -keystore server.keystore
3. sent .csr off to verisign and received signed cert back
4.Imported cert into keystore
keytool -import -keystore server.keystore -storepass password -keyalg "RSA" -trustcacerts -file cert.cer
5. I moved the server.keytore into the RUN directory where HP SM is installed. Updated SM.ini with the following.
I tried testing from i.e. explorer and still get cert error. Installed cert from i.e. explorer but that didn't do anything.
I've also tried running the cert gernerator provided by HP but I was able to run it once successfully but after that I can not. Get all kinds of errors.
Getting the following error:
There is a problem with this website's security certificate.
This CA Root Certificate is not trusted. To enable trust, install this certificate in the trusted root certification authorities store.
This doesn't really sound like a SM issue but rather a certificate issue.
Try viewing the certificate and confirm who the root authority is (should be Verisign as you mentioned earlier)
Then in IE, go into Tools > Internet Options > Content tab
Click the "Certificates" button then view the "Trusted Root Certification Authorities" tab.
Ensure that Verisign is listed here and the details match exactly. If the root certificate is not here you will get the warning message you mentioned earlier.
Your are missing the port in the url. It shall look like this http://localhost:13080/SM/7/IncidentManagement.wsdl
and i you case https://localhost:443/SM/7/IncidentManagement.wsdl
And by the way, don't use the old web-service interface sc62server/pws
i have a similer kind of requirement where in i have created a self singed certificate by using open ssl for server.
but i need to publish my WSDL and third party tool need to consume with SSL enabled on my WSDL.
do you have any idea which certificate i will give to third party pendor so that they will be able to access my WSDL?
i am really stuck with this.
I created the cert via the following in Open SSL
openssl x509 -req -days 365 -in yourfile.crs -CA mycacert.pem -CAkey yourkey.pem -CAcreateserial -out certtosend.cer
I have purchased a certificate from CA for HPSM. COuld you please let me know how to import signed certificate. I believe first we need to import root CA and then the signed certificate. Can someone please give me the steps.?
Were you able to expose WSDL to use https after setting up certificates? I have configured SSL but am unable to use https?
Could you please let me know how did you resolve the issue?