SSL connection fails with a "Peer not authenticated" error
Connections to an external system over HTTPS results in a certificate chaining
error.
Symptoms
When attempting to connect to an external target over SSL, the connection fails with the following exception:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
Cause
This exception indicates that the Java application's truststore was unable to validate the certificate chain. This can occur when the external target's certificates have not been imported into the truststore or one or more of the certificates have expired.
Resolution
Import the target certificate chain into the application truststore.
Use the steps in Enabling SSL connections with external servers procedure in the Administration Guide.
Logging
If the resolution fails, you can enable detailed logging for SSL connections.
-
Open the file: /opt/IBM/tivoli/wlp/usr/server/<cluster servername>/jvm.options
-
Add the following line:
-Djavax.net.debug=all
-
Save the changes and restart the server.