It's all about the answers!

Ask a question

getting error "peer not authenticated"


shubham dhorajkar (1115) | asked May 25 '21, 1:38 a.m.

 Hii, 

     I installed JTS and CLM 6.0.6, and JTS is working fine I am able to create workitems too but whenever I am trying to access workitem's via OSLC api through eclipse I am getting following error


javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:574)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
at net.jazz.oslc.utils.HttpUtils.sendGetForSecureDocument(HttpUtils.java:152)
at com.oslc.common.CommonOSLCMethods.getServiceProviderCatalog(CommonOSLCMethods.java:140)
at com.tatasky.ITConfigReports.FetchPCFPackDetails1.doGet(FetchPCFPackDetails1.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:651)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:407)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:754)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1376)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

I saw some quetions on forum where someone said change sc = SSLContext.getInstance("SSL") to sc = SSLContext.getInstance("TLSv1") but I already have sc = SSLContext.getInstance("TLSv1").

I thought I have issue with JTS instance then I installed jetty but while working with jetty I am still getting same issue, please let me know if anyone have sollution on above issue.

I am using CLM 6.0.6.x version.

Thanks and regards,
Shubham.

One answer



permanent link
Kevin Ramer (4.5k9186201) | answered May 25 '21, 12:16 p.m.

 This is probably an issue of trust between your client and the ssl environment provided by the RTC server. e.g. this post.


As mentioned your run-time will need a key store containing information about the target server.  You can tell your Java app to use said key store using:

-Djavax.net.ssl.trustStore=/path/to/keystore

where /path/to/keystore is a full or relative path to the key store where you have imported the target server's certificate info.  

InstallCert java application makes importing signer certificates into a key store much easier.

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.