After import and trust the certificate from <url>, the Route via Https assertion has following error,
Problem routing to <url>. Error msg: Unable to obtain HTTP response from <url>: java.security.cert.CertificateException: Server cert <CN> found but not trusted for SSL. Caused by: Server cert <CN> found but not trusted for SSL.
The SHA2 certificate requires matching cipher suites.
The Route via HTTPS assertion enable all available cipher suites by default, but fail to pick up the right cipher suite for the SHA2 certificate.
The imported certificate is SHA2 certificate, the key type: RSA, the signature algorithm: SHA256withRSA
For SHA256withRSA certificate, need to manually specify matching cipher suites in route via https assertion, for example, TLS_RSA_WITH_AES_256_CBC_SHA256
open property window of route via https assertion, on "Connection" tab, click "Cipher Suites" button -> click "Uncheck All" button -> find and select only one cipher "TLS_RSA_WITH_AES_256_CBC_SHA256" (using the filter to find the cipher) -> save the changes
There should be other cipher suites that can work, the above just one of the matching cipher suites.
The above cipher is just an example, if the server doesn't support it, there will be an issue.
Run the curl command on gateway server to find out the server preferred cipher,
curl -kv https://<remotehost>:<port>
it should show something like,
* SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Then the route assertion should select the above cipher.