Ssl handshake error

Hello the community,
We are trying to connect to Yokoy API using a Webservice Connector, we added the certificates (PEM format) for the API/oauth2 url to the VA and restarted ccg.
Despite of the installation of the certificates, the test connection is not working on ISC.

Error Details :
“Error: Exception occurred while generating access token: Unable to generate access token. Response returned: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake”

The credentials are correct, we used Postman to test and it worked.
We tried to CURL Yokoy on the VA (even google) and it didn’t worked, error 443 ssl.
So is there some firewall configuration to set or VA configuration to change for the ssl handshake to work?

Thanks in Advance.

Can you do a curl -v (verbose logging)? That way you can see if it actually hits the url or something else in between.

Do you have a proxy configured?

Hi, i tried the verbose on curl, i put the screenshot there.

image969×293 98.2 KB

I’m assuming you’re not connecting to google.com as the web service? It’s clear that google.com is not added in the certificates file.

Can you try for the actual webservice you are trying to connect to? Please obfuscate any values that are sensitive.

it’s the exact same error :

image967×227 54.7 KB

That tells me that the exact certificate path or CA hasn’t been properly imported (yet). You mentioned you have imported the certificates but:
a) where did you import them
b) did you only import the certificate or the whole chain

i imported them in the home/sailpoint/certificates folder.
I imported the certificates “api.test.yokoy.ai” for the api calls and “accounts.test.yokoy.ai” for the token call.

Have you tried openssl to connect to the end point via the VA and grab the certificates that way?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.