ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unable to connect to virtual service deployed in server via https - javax.net.ssl.SSLException:Unrecognized SSL message, plaintext connection

book

Article ID: 186507

calendar_today

Updated On:

Products

CLOUDTEST CA Application Test CA Cloud Test Mobile MOBILECLOUD Service Virtualization

Issue/Introduction

When we access the virtual service modified to use SSL/Keystore and deployed in server via HTTPS, receiving “javax.net.ssl.SSLException:Unrecognized SSL message, plaintext connection?

When the same service url is accessed via browser receiving “This site can’t provide a secure connection” error.

When using the HTTP call, able to get the response back.

Cause

During investigation of the issue, it was found that there were multiple other services running on same PORT with different base paths with HTTP protocol. Since this service was using the same PORT but was configured to use SSL/HTTPS, it was not able to pick up the relevant changes of SSL and responded from HTTP call as other services.

Environment

Release : 10.x

Component : CA Service Virtualization

Resolution

The basic resolution of this issue is to use a different PORT for HTTP and HTTPS calls. Multiple services can use same port with different base paths only if they are using same protocol - either HTTP or HTTPS.

Additional Information

Based on the version of Java being used, there are few steps that you may need to take in order to make the virtual service works property on https.

- Firstly, make sure that the CN(common name) for the certificate issued is matching the VSE server hostname or get the hostname added to the SAN(Subject Alternative Names) list.

- Next you would need to get the public certs of intermediate and root CA( Certification Authorities) and import them into the DevTest of any other client that runs on Java SSL implementation.

You can download below tool to work with the keystores and certificates.
https://sourceforge.net/projects/portecle/