Force IS to Accept Expired Certificates?

Curtis_Ling · November 23, 2007, 1:54am

Has anyone come across an easy method (flow or config) to force Integration Server to accept an expired certificate?

We’re working on an integration to a third-party website (xml over https) and their certificate expired earlier this week (Integration Server is returning iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier).

We’ve called their attention to it, but they haven’t been particularly quick about addressing the situation, and we’d like to continue to test while they get their house in order.

Thanks in advance,
Curtis Ling

wMusers.Com1 · November 25, 2007, 8:10am

You will often find helpful information about errors like these by searching Advantage for the error message. The first match in this case turned up a useful answer.

Mark

Curtis_Ling · November 26, 2007, 8:02pm

Wow … thanks Mark!
Believe it or not, I did troll through Advantage, but somehow I missed that one.
Much appreciated.

Edit:
Unfortunately, doesn’t seem to work.
We didn’t initially have the attribute (watt.security.cert.wmChainVerifier.trustByDefault) set, and the default is true.

Also tried
watt.security.ssl.ignoreExpiredChains=true
which seemed like it might have been promising.