Neither certificate nor password was provided

sreenivas_aravelli · April 5, 2019, 4:10pm

Hello Experts,

I am trying to do an HTTPS call to a client using a pfx Certificate.
I am able to connect to their system but am don’t see a valid response. Instead, the response says “Neither certificate nor password was provided”.

I have clients PKCS 12 certificate imported to the DEFAULT_IS_KEYSTORE and *.der certificates in truststore.

In My floew service i have

pub.security.keystore:getKeyAndChain
pub.client:http

Could anyone help me with the issue??

sreenivas_aravelli · April 8, 2019, 8:26am

Any one who can help me resolve this issue

Vlad_TURIAN · April 8, 2019, 10:02am

Hello,

The following setup worked for me:

adding a new keystore alias in the IS keystore
In the IS service I have the following calls:

pub.security.keystore:setKeyAndChain (keystoreAlias and the keyAlias are the previously configured ones)
pub.client:http
pub.security:clearKeyAndChain

Maybe it will help you.

Ashish_Bania · April 12, 2019, 6:47pm

Hi,

Import the trust certificate from IS → Security → Certificates → Configure Client Certificates. You can set the usage as per your need. SSL Auth if thats what you are looking for.

HTH

Regards,
Ashish Bania

Mirza_Misbahulhaq · May 13, 2019, 8:14am

Hi ,

Could any please share the steps of instaling a pfx certificate in webMethods.

the steps i am folowing are:

installing the pfx certificate
extracting the certificate in DER format from the pfx file
creating a truststore
impoting the DER certificates into trustsore using keytool
create keysore
extract prvate key from PFX in .p12 format.
install the p12 to keystore using keytool
configure the keystore and truststore under Securrity----> keystore
i my flow service invoke below

pub.security.keystore:setKeyAndChain (keystoreAlias and the keyAlias are the previously configured ones)
pub.client:http
pub.security:clearKeyAndChain

Regards

Sanket_Pandey3 · February 10, 2021, 8:39pm

Hi Vlad,

The use case is as below:

We have been doing the HTTPS call to a Microsoft API even before but they never asked for the certificate till now.
Now we have to call them to a new URL and pass our certificate, they have configured the thumbprint of same certificate at their end.
We were doing a custom http call before, but now we are doing the http call as below
1. pub.security.keystore:setKeyAndChain
2. pub.client:http
3. pub.security:clearKeyAndChain
  But still getting the error as : com.wm.net.NetException: [ISC.0064.9314] Authorization Required: Client certificate or AAD Bearer token not found in request.
We have our certificate configured and mapped with our HTTPS port in Security > Keystore and we have CA Cert in truststore.
Even we have configured the certificate of the API which we are making HTTPS call to in Security > Certificates > Configure Client Certificates and mapped to a user which is part of group Administrator .
In Security > Certificates, I have the same Keystore and TrustStore as we have in Security > Keystore.

Still not sure what else required to send them the certificate so that they can verify the HTTPS call with certificate against the thumbprint of same certificate.

Though here from pub.security.keystore:setKeyAndChain no certificate is produced and not sure if it is produced from services like pub.security.keystore:getKeyAndChain or pub.security.keystore:getTrustedCertificates, where to pass it in pub.client:http

So when you say, adding new keystore alias in IS keystore worked for me, which one did you add? Because for us the keystore is already configured having our organization certificate in PKCS12 format.

Regards,

Sanket

system · May 11, 2021, 8:39pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.