This page last changed on Apr 07, 2015 by klaus1.
I am using http calls from my controller to an https beckhof control.
Getting the following error in my controller LOG:
IOException when executing HTTP method javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
What exactly do I need to authenticate ? I have basic authentication with username and password.
With http connection all is ok, but https makes that problem.
This is an issue with the key certificate used in encrypted HTTPS connection from the Beckhof system.
First you will need to try to retrieve the certificate to inspect it.
The certificate could have expired, for example (in which case Beckhof would need to issue a new certificate).
Other possibility is that the certificate is valid but has not been approved by a CA (Certificate Authority) that is trusted by the Java virtual machine which the controller uses.
If the latter is the case, you could try to add the Beckhoff's certificate as a trusted certificate in the JVM you are using. You will have to find a way to extract the certificate first though.
Some related info how to do this is shared here: http://blog.nerdability.com/2013/01/tech-how-to-fix-sslpeerunverifiedexcept.html
1. Extract the certificate:
echo -n | openssl s_client -connect <IP-ADDRESS-OF-YOUR-BECKHOFF-SYSTEM>:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/beckhoff.cert
2. Find the JVM certificate trust store:
For example, in your JRE or JDK directory there should be something similar to:
3. Add new trusted certificate to JVM:
> cd lib/security
> keytool -importcert -alias "beckhoff" -file /tmp/beckhoff.cert -keystore ./cacerts -storepass changeit
Posted by juha at Apr 08, 2015 21:51