Security error the JCLCheck REST API with Zowe API Mediation Layer
search cancel

Security error the JCLCheck REST API with Zowe API Mediation Layer


Article ID: 227280


Updated On:


JCLCheck Workload Automation


Trying to integrate the JCLCheck REST API with the Zowe API Mediation Layer, and gets errors when starting the JCLCheck RESP API service. 

First error:

yyyy-mm-dd hh:mm:ss.354 ERROR 33624627 --- [           main] c.n.d.s.t.d.RedirectingEurekaHttpClient  : Request execution error. end 
 point=DefaultEndpoint{ serviceUrl='} 
 com.sun.jersey.api.client.ClientHandlerException: No X 
 509TrustManager implementation available at ...



Release : 12.0

Component : JCLCheck Workload Automation



The Zowe API Mediation Layer (Zowe API ML) is configured for SSL, but JCLCheck is not configured for SSL. 


Enable a secure TLS/HTTPS connection for JCLCheck by following the instructions in the JCLCheck online documentation:

Configure and Deploy the JCLCheck REST API

Here's a template for how to configure JCLCheck to specify a Truststore, and Keystore for holding certificates.  These properties are specified in the "jclcheck.yml" configuration file:  

  address: xxx
  port: xxx
    enabled: true
    keyAlias: server
    keyPassword: xxx
    keyStore: config/keystore.p12
    keyStorePassword: xxx
    keyStoreType: PKCS12
    trustStore: config/truststore.p12
    trustStorePassword: xxx
    trustStoreType: PKCS12
Note: One TLS certificate for the JCLCheck server should work for either a direct-to-service connection or when connected through the API ML.   The API ML must have its own certificate.