The SSLPeerUnverifiedException arises when a client is trying to access a service on a secured webserver. It indicates that the peer’s identity has not been verified.
When You’ll See It:
You’re likely to come across this error if you use the integration activity while developing your workflows in designer.
What To Check:
When you get this error, this is one way you can quickly identify the root cause: Depending on the webserver (in my case, it was jboss) you can enable SSL debugging and restart the webserver. When you re-run the workflow, you’ll get additional information around the exception. E.g. “The server certificate is not trusted”. This is going to be the most probable cause of the error.
(In case you don’t get additional information around the exception then you can enable debug level trace in User App on the com.novell.soa.af.impl and com.novell.soa.ws.impl packages to see if you get any additional info on the exception)
What To Do:
Now that you’ve identified the cause of the exception, the next step is to ensure that the necessary keystores have the CA’s certificate installed and that the certificates are valid. Then ensure that the jboss cert in the userapp keystore exists in the jboss server’s keystore (In my case, the certificate didn’t exist on the jboss server).
When you’ve figured out the issue, you can re-import the missing certificate into the server’s keystore and restart the server. (You can get the missing certificate by exporting it from a web browser after accessing the userapp page on that browser)
Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.