I'm trying to set up SSL on my Websphere-Liberty server with a self-sigend CA, but I keep getting a SSLHandshakeException. I'm no SSL expert, so probably I'm just forgetting something.
Here are some details about my setup:
product = WebSphere Application Server 8.5.5.0 (wlp-1.0.3.20130510-0831)
java.version = 1.7.0_51
os = Windows 8 (6.2; amd64) (en_US)
I managed to deploy the worklight application center war, and this is accessible via the browser. When I try to access the application center via https, I get the following exception:
[9/1/14 19:07:11:799 EEST] 00000021 com.ibm.ws.channel.ssl.internal.SSLHandshakeErrorTracker E CWWKO0801E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLHandshakeException: no cipher suites in common
I have the following configuration in my server.xml
<feature>ssl-1.0</feature>
<keyStore id="defaultKeyStore" password="trasys" />
Once I add the keystore property, Websphere generates a keystore file (key.jks) with a default certificate. I removed the certificate with the java keytool utility and added my own self-signed CA certificate. This certificate was generated in cygwin using the following openssl command (as indicated in the following stackoverflow ticket: Is a signed SSL certificate required for Worklight development?):
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
To add the certificate to the empty keystore I used the following command:
keytool -import -trustcacerts -alias mydomain -file certificate.crt -keystore keystore.jks
So this is basically what I tried so far, does anyone know what I'm missing?
