I have two javascript adapter:adapterA、adapterB
And I need call adapterA after that the adapterA will call adapterB(use MFP.Server.invokeProcedure, in the same mfp server) using this API
when I call in mfp localhost, it works
http://localhost:9080/mfp/api/adapters/AdapterA/test
then I call https after I import mfp cer to jre cacerts
It works fine too
https://localhost:443/mfp/api/adapters/AdapterA/test
My question is I have IHS Server to redirect mfp services
when I call api by IHS http url
http://{domain}/mfp/api/adapters/AdapterA/test
It works
when I call api by IHS https url
https://{domain}/mfp/api/adapters/AdapterA/test
mfp server will get error like this:
com.ibm.mfp.server.js.adapter.internal.JavascriptManagerImpl E FWLST0904E: Exception was thrown while invoking procedure: test in adapter: adapterB java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: com.ibm.security.cert.IBMCertPathBuilderException: unable to find valid certification path to requested target at com.ibm.mfp.server.js.adapter.internal.invocation.JavaScriptIntegrationLibraryImplementation.invokeProcedure(JavaScriptIntegrationLibraryImplementation.java:255)
but my IHS plugin only set http
how can I resolve this issue and avoid this issue
thanks
When the MobileFirst server creates the request to reach adapter B, the default behaviour is to frame the request, based on the URL of the currently executing request. That is, it uses the request originally used to reach adapter A, to frame the request to reach the target adapter B.
It works well in case 1, where the webserver is accessed using a "http://.." URL. In case 2, where MFP1 has to make an outbound call to the webserver using the "https://.." URL, it needs to first complete a SSL Handshake with the webserver. In case the MFP1 JVM lacks the certificates of the webserver, it fails to establish SSL Handshake and can lead to the error you saw.
In your case, there are two approaches you can take:
mfp.adapter.invocation.url
. For instance, if you set the value of this property to "http://localhost:9080/mfp", adapter B will be invoked as "http://localhost:9080/mfp/api/adapters/adapterB". The call stays local. More details on this property here.