If you are receiving SSL handshake issues when connecting to a webservice you need to import the SSL certificate into WebSphere.
- Open WebSphere console
- SSL certificate and key management
- Key stores and certificates
- NodeDefaultTrustStore (or maybe CellDefaultTrustStore)
- Signer Certificates
- Retrieve from port
- Host: your.host.name (without https:// and any endpoints)
- Port: 443
- Retrieve signer information
- Click Ok
- Restart WebSphere
I’m still fairly new to Websphere, but this seemed like a pretty common problem someone would have and I couldn’t find anything that properly explained the issue to me. I was running into an issue where WebSphere kept saying it was unable to check if application exists when it was being deployed. I thought initially this was a permissions problem, so I fooled around with permissions but had the same issue. If you scroll down a ways on the stack trace it says
insufficient or empty credentials
I double checked my configuration in Hudson/Jenkins and testing the connection worked fine, so I continued searching for other solutions. There are literally 3 search results on google for “unable to check if application exists” and 0 results on bing. Most of the other articles I found offered no help. Eventually I circled back around and decided to look at the access level my user had in WebSphere. Turns out it wasn’t listed as a user! I’m still not sure how testing the connection in Hudson worked but I wasn’t listed as a user in WebSphere. I checked this half a dozen times just to make sure I wasn’t mistaken.
To add a user in WebSphere
- Users and Groups
- Administrative user roles
- Select the Administrator role
- Enter the user to search for
- Use the arrow to move the user to the Mapped to role box
- Click OK
- Click Save
Step 7 is super important because it requires an additional save than most programs do and I find myself forgetting to do the second confirmation too often. After you’ve added the appropriate permissions redeploy your ear and you should be all set.
Full stack trace of the error I was getting
[INFO] No custom module-to-server mappings found -- using default configuration.
com.insertcompanynamehere.websphere.deployment.client.DeploymentException: Unable to check if application exists 'NewBusiness'
Caused by: com.ibm.websphere.management.exception.AdminException:
... 11 more
Caused by: javax.management.JMRuntimeException: ADMN0022E: Access is denied for the checkIfAppExists operation on AppManagement MBean because of insufficient or empty credentials.
at $Proxy43.invoke(Unknown Source)
... 13 more
Build step 'IBM WebSphere v8.0 Deployment' changed build result to FAILURE