search cancel

Security error integrating the JCLCheck REST API service with Zowe API Mediation Layer (API ML)


Article ID: 227280


Updated On:


JCLCheck Workload Automation


Trying to integrate the JCLCheck REST API with the Zowe API Mediation Layer, and gets errors when starting the JCLCheck RESP API service. 

First error:

2021-10-22 19:04:45.354 ERROR 33624627 --- [           main] c.n.d.s.t.d.RedirectingEurekaHttpClient  : Request execution error. end 
 point=DefaultEndpoint{ serviceUrl='}                                                                                                                                                                                                     
 com.sun.jersey.api.client.ClientHandlerException: No X 
 509TrustManager implementation available at ...    



Release : 12.0

Component : JCLCheck Workload Automation



The Zowe API Mediation Layer (Zower API ML) is configured for SSL, but JCLCheck is not configured for SSL. 


Enable a secure TLS/HTTPS connection for JCLCheck by following the instructions in the JCLCheck online documentation:

Here's a template for how to configure JCLCheck to specify a Truststore, and Keystore for holding certificates.  These properties are specified in the "jclcheck.yml" configuration file:  

    address: xxx
    port: xxx
        enabled: true
        keyAlias: server
        keyPassword: xxx
        keyStore: config/keystore.p12
        keyStorePassword: xxx
        keyStoreType: PKCS12
        trustStore: config/truststore.p12
        trustStorePassword: xxx
        trustStoreType: PKCS12
Note: One TLS certificate for the JCLCheck server should work for either a direct-to-service connection or when connected through the API ML.   The API ML must have its own certificate.