Monday, January 26, 2009

How to configure Standalone Fuego BEA Aqualogic Oracle BPM Studio to work with Secure Web Services?

While evaluating BEA BPM Studio I had to struggle a bit with how to configure Standalone Fuego BEA Aqualogic Oracle BPM Studio .... I am trying to give credit to all companies here :) to work with Secure Web Services?
Now I have secured web services orchestrated and also using encryption in my BPM Processes. Here is the meat of the matter ...
In order to communicate with secured webservices using SSL encryption (those with WSDL end point starting as https:// ) you need to have certificates from those servers installed in your keystore.
For BPM Standalone these are the steps. And before you begin set JAVA_HOME to C:\OraBPMStudioHome\eclipse\jre if you have not done so already.
1. Download the .cer file from server. (One way is you can use IE browser to get that file and export it from browser to a local directory)
2. Put this file in %JAVA_HOME%\jre\lib\security. You can put it anywhere you want.
3. Run the following command at a command prompt:
C:\Program Files\Java\jre1.6.0_02\bin>keytool -import -trustcacerts -alias <CERT ALIAS NAME> -keystore ..\lib\security\cacerts -file ..\lib\security\gd_<cert file name>.cer
4. You will be prompted for a password. If you have not changed the password, it will be "changeit".
5. You will then get the following message if all is successful - "Certificate was added to keystore".
6. Restart Tomcat (inbuilt server in BPM Studio).
This should solve your problem.
Pls note that if you have not configured your keyStore then first do so. you will find this document handy to do so.
Quick tip: To see a list of keys in keystore
%JAVA_HOME%\bin\keytool -list -keystore ..\lib\security\cacerts
Arvind

4 comments:

Nick said...

Thanks for the Post Arvind ! We are using the Aqualogic BPM tool and needed to switch on SSL and Basic Auth for the BPM Studio. This post worked first time for us!
Regards,
Nick

Sarat said...

Hi Arvind,

I followed the steps specified in you blog to import Certificates into BPM Studio. We would like to have a sample Tomcat server.xml config for SSL Configuration. We also would like to know if restarting Studio would signify restarting Tomcat or should something else be done on top of it ?


I have posted the error messages, I received while trying to catalog https Webservices deployed on ALSB.

Introspecting...
downloading /sbresource?PROXY/AuditingService_9.07/Proxies/AuditingProxy
[Error] Instrospection exception: Web Service WSDL parse exception: http://pasunesbdevf1a1:17101/sbresource?PROXY/AuditingService_9.07/Proxies/AuditingProxy...


I would really appreciate your help in this regard.

Sarat

Yaseen said...

Great article..saved lot of time for me to figure this out while working with secure webservices using OBPM.

Ray said...

hi very good this post, but when I test the web service call again, now I get this error:
HTTPS hostname wrong: should be <10.36.15.100>
this ip is the one where the WSO2 Carbon is running with the web service Im calling, I dont know how to solve this?
thanks