Solved: Getting a General SSLEngine problem on a service c...

akashtp · 10-27-2016 03:26 AM

This is the sample API call for which the issue is seen:

curl -X GET -H "Authorization: Bearer TP8Mbyo64LluhTAzrfv4NIKRzm1B" -H "Accept: application/pdf" -H "Cache-Control: no-cache" "https://prod.abc.com/REST/GetInvoice/CO/invoices/88xxxxx8?cycle=26&invoiceSerial=701086032&invoiceRe..."

akashtp

Issue seems to be related to SSL handshake which fails due to "Unknown server certificate" returned by Apigee Message-Processor. This means that ROOT CA certificate is required in Truststore in order to make this setup work.

I`ve downloaded following certificate : https://search.thawte.com/library/VERISIGN/ALL_OTHER/KB_IMAGES/SO26817/Certs/SHA2/thawte_SSL_CA_G2.c... , Uploaded it to Truststore in my dev environment and slightly reconfigured CalloutPolicy :

<SSLInfo> 
  <Enabled>true</Enabled> 
  <TrustStore>Test</TrustStore> 
  <Protocols> 
    <Protocol>TLSv1</Protocol> 
  </Protocols> 
</SSLInfo>

Now I'm able to connect with your backend server and get a response.

View solution in original post

akashtp

Issue seems to be related to SSL handshake which fails due to "Unknown server certificate" returned by Apigee Message-Processor. This means that ROOT CA certificate is required in Truststore in order to make this setup work.

I`ve downloaded following certificate : https://search.thawte.com/library/VERISIGN/ALL_OTHER/KB_IMAGES/SO26817/Certs/SHA2/thawte_SSL_CA_G2.c... , Uploaded it to Truststore in my dev environment and slightly reconfigured CalloutPolicy :

<SSLInfo> 
  <Enabled>true</Enabled> 
  <TrustStore>Test</TrustStore> 
  <Protocols> 
    <Protocol>TLSv1</Protocol> 
  </Protocols> 
</SSLInfo>

Now I'm able to connect with your backend server and get a response.

Getting a General SSLEngine problem on a service callout