WebHook Server setup issue using HTTPS

book

Article ID: 207217

calendar_today

Updated On:

Products

CA Endevor Software Change Manager (SCM)

Issue/Introduction

GitBridge Event-based sync-back does not work,   issue related to webhook server HTTPS configuration. 

Environment

Release : 18.0

Component : BRIDGE FOR GIT

Resolution

To get more information on the HTTPS context,  add following attribute into the tomcat’s environment Java Option variables (IJO) section:

IJO="$IJO -Djavax.net.debug=all"

After restarting the tomcat the STDOUT should have more specific information printed related to security context, this output can be used for analysis.

 

Found the strange path for the keystore in conjunction with the IBMJSSE2 security provider. The [email protected] security provider could possibly override some settings. Suggest temporarily disabling the HTTPS setup on the tomcat running the Webhookserver.  Setup with the keyrings in the server.xml as follows should be commented out and only the plane http connector should be enabled.

        <Connector port="52081" maxHttpHeaderSize="8192"

                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"

                enableLookups="false" disableUploadTimeout="true"

                SSLEnabled="true"

                algorithm="IbmX509"

                acceptCount="100" scheme="https" secure="true"

                clientAuth="false" sslProtocol="TLS"

                sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"

                keystoreType="JCERACFKS"

                keystoreFile="safkeyring://CCIAPPL/CMEWKeyring"

                sslImplementationName="com.ca.sslsocket.CASSLImplementation" />

 

Suggest to run a test with disabled https on the server and with explicit truststore set in the tomcat environment variables member to troubleshoot the payload problem first.