Resolution:
The attached document (Filename: Common_Errors_in_BW_related_to_SSL.pdf) outlines some of the common errors that show up as technical support service requests (SR’s) when configuring BW for SSL communication. The objective of this document is to allow BW users to identify and attempt to troubleshoot the problem.

The document has following sections:

Section-I: Enabling Tracing

Section-II: COMMON ERRORS

A). Error message: - “iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier”.

B). Error Message: - No PrivateKeyInfo: iaik.asn1.CodingException: ASN.1 creation error:Length: Too large ASN.1 object.

C). Error: - com.tibco.security.AXSecurityException: RSA signature failed to initialize for verifying: Unsupported keysize or algorithm parameters.

D) Error: - iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: unexpected Message.

E). Error: - SSLException while handshaking: Peer sent alert: Alert Fatal: decrypt error.

F). Error: - SSLException while handshaking: Certificate verify message signature error!

G). Error:- com.tibco.security.AXSecurityException: Extension error: Certificate [n] does not have a basic constraints extension!

H). Error: - com.tibco.security.AXSecurityException: Extension error: certificate at index 0 is marked CA certificate.

J). Error: - com.tibco.security.AXSecurityException: No certificates encoded in supported ways were found.

K). Error: - java.io.IOException: An AXSecurityException was thrown while trying to create the server socket on the port: [xxxx].

L). Error: - java.lang.IllegalArgumentException: Child resource has null name.

M). Error: - ssl_debug(2): No client certificate available, sending empty certificate message...