Https port set up

Hi,

I want to set up https port for my Integration Server.
I created a https port with access mode as allow and IP access as allow.
I have created default keystore, trustsore on the same IS.
But when I try to open the IS Admin console using the secure port, it pops the security certificate warning.
I say continue for this website, it prompts for the user/pass.
But when I enter the default password or AD user/pass, it does not let me in.
It prompts back the same user/pass window.

Below are the error messages in the server log.

[1126]2017-01-10 11:25:02 GMT [ISS.0053.0002C] Access denied for user sesrvac115 on port 5556 → ‘’ from 153.88.245.151.
[1125]2017-01-10 11:24:57 GMT [ISS.0012.0012W] Authentication of user “sesrvac115” failed with exception: Login Failure: all modules ignored.
[1124]2017-01-10 11:24:36 GMT [ISS.0053.0002C] Access denied for user Administrator on port 5556 → ‘’ from 153.88.245.151.
[1123]2017-01-10 11:24:34 GMT [ISS.0012.0012W] Authentication of user “Administrator” failed with exception: Login Failure: all modules ignored

Why is the authentication not happening with https?
What seems to be missing?

What’s the “Client Authentication” property of this https port?

Hi,

Please verify the Client Authentication part once again.
If you have set it to UserName/Password or any other thing.

Regards,
Syed Faraz Ahmed
HTTPS_Port.JPG

Hi,

Yes, client authentication is UserName/Password only.
Still it does not work.

Regards,
Revathi

Hi Revathi,

Can you please take a screenshot of the port details and paste it here.
Also, try increasing the log level for HTTPS Listeners and see if you are able to track any thing from there.

Regards,
Syed Faraz Ahmed

attaching screen shot of https port

Error messages with a high level of logging produces below logs when I try to log into https port via browser –

[15154]2017-01-11 08:02:09 GMT [ISS.0053.0002C] Access denied for user Administrator on port 5556 → ‘’ from 153.88.245.151.
[15153]2017-01-11 08:02:06 GMT [ISS.0012.0008T] User “local/Administrator” already authenticated in session caed496094061ae39279a7441e1196c1; skipping authentication.
[15152]2017-01-11 08:02:06 GMT [ISS.0012.0006T] Client provided session ID caed496094061ae39279a7441e1196c1 for an existing session.
[15151]2017-01-11 08:02:06 GMT [ISS.0012.0008T] User “local/Administrator” already authenticated in session caed496094061ae39279a7441e1196c1; skipping authentication.
[15150]2017-01-11 08:02:06 GMT [ISS.0012.0006T] Client provided session ID caed496094061ae39279a7441e1196c1 for an existing session.
[15149]2017-01-11 08:02:06 GMT [ISS.0012.0009D] Successfully authenticated user “local/Administrator”.
[15148]2017-01-11 08:02:06 GMT [ISS.0012.9999D] AuthnCacheManager caching record for user Administrator
[15147]2017-01-11 08:02:06 GMT [ISS.0012.0047T] No X509 certificate chain found.
[15146]2017-01-11 08:02:06 GMT [ISS.0012.0036D] No user found corresponding to the passed SAML assertion.
[15145]2017-01-11 08:02:06 GMT [ISS.0012.0006T] Client provided session ID caed496094061ae39279a7441e1196c1 for an existing session.
[15144]2017-01-11 08:02:03 GMT [ISS.0012.0012W] Authentication of user “Administrator” failed with exception: Login Failure: all modules ignored.
[15143]2017-01-11 08:02:03 GMT [ISS.0012.0050T] Basic authentication, no user found.
[15142]2017-01-11 08:02:03 GMT [ISS.0012.0047T] No X509 certificate chain found.
[15141]2017-01-11 08:02:03 GMT [ISS.0012.0036D] No user found corresponding to the passed SAML assertion.

From the Screenshot i got it like you are using Digest as Client Authentication.

Attaching the same screenshot you sent highlighting the part that should be made as username/password.

Regards,
Syed Faraz Ahmed
Hppts.JPG

1 Like

hey thanks.
Now I can open the https url when I set to username/password via browser.

Next, I want to invoke a RESTful service on IS via a REST client using the https port.

Is there any additional setting I need to do on the IS / Rest client?

Just cross verify the following things.

  1. watt.server.RESTDirective is set
  2. Provide basic authentication and give the credentials there.

Regards,
Syed Faraz Ahmed

watt.server.RESTDirective=rest

This has been set by default.

Rest service is working over http port.

But not over https port, via the Chrome Advanced Rest Client.

It initially complained for a plug-in.
After installing the Chrome plug-in, the it says https URL is unreachable.

How to crack this?

It’s supposed need no extra plugin. Could you attache some screenshots?
Sometimes Chrome will complain for a low level encryption in communication. Have you tried other web browsers?

I worked using chrome for testing most of the rest services.
There will be many client similar to Advanced Rest Client which can be added from chrome apps. I used Postman client.

Can you share the screenshot while you are sending the request along with the error that you are getting.

Regards,
Syed Faraz Ahmed

Hi,

Attached is the screenshot of the error which we get while trying with https port.
Please advice.

Thanks,
Monica
httpsError.PNG

Hi Monica,

Are you using any client for invoking the Rest API’s?

Regards,
Syed Faraz Ahmed

Yes… We are testing from advanced rest client.

Can you share the Https port details?

Also, please share the rest client screenshot.

Regards,
Syed Faraz Ahmed

Attaching screenshot


Configuration seems to be correct.

Some Rest Client will not work with invalid certificates. So for Advanced rest client you need to install and add-on ARC Cookie extension.

After installing add-on just enable “USE HDR” setting in Advanced rest client.

This should enable you to send and receive content.

Regards,
Syed Faraz Ahmed

Thanks Faraz.

After installing cookie extension and enabling the XHR, getting error as below