SSL handshake failure for liberty application using cloudant

Question

I\'ve been stuck on this far longer than I want to admit. I want to connect to cloudant/couchdb using WebSphere Liberty.

I\'m fairly new to Java app development, Lib

Answer 1

You need to add remote server certificate to WAS trustStore

Get remote certificate (e.g: using Linux/Mac): echo "" | openssl s_client -connect YOUR_REMOTE_SERVER:443 -showcerts 2>/dev/null | openssl x509 -out certfile.txt

Import certificate to trustStore file: keytool -import -alias ca -file certfile.txt -keystore trust.jks -storepass changeit

Use this JKS trust store in your WAS server.xml, copy it into your WAS ({WLP}/usr/servers/{YOUR_SERVER}/resources/security) and add these into your server.xml e.g:

<ssl id="defaultSSLSettings" sslProtocol="TLSv1.2" keyStoreRef="defaultKeyStore"
    trustStoreRef="defaultTrustStore" />
<keyStore id="defaultKeyStore" location="${server.config.dir}/resources/security/key.jks"
    password="changeit" />
<keyStore id="defaultTrustStore"
    location="${server.config.dir}/resources/security/trust.jks" password="changeit" />