Generating Webservice using HTTPS in XI.

Hi Experts,
I have generated webservice in XI using http , and i have tested using infopath soap client, its working fine. I have generated webservice in XI using htpps using the same scenario, when i am testing using infopath as soap client and tested, its giving error, request is not hitting the XI system at all. do i need to configure any certificate in infopath or in XI server, please can anyone advice. i have configured HPPTS without client authentication in SOAP adapter.
Thanks,
Dhanush

Hi Experts,
I am not able to get exact answer after reading the sap.help.com, sap notes.
My scenario is RFC < ---> SOAP ( webservice) , i have generated webservice with the HTTPS and secured port of XI, When i copy and past in IE browser, its showing status is OK, but request is not hitting the XI system. what are things to be taken care at soap client and XI server side, do i need to install any certificats at client side or server side. please advice me.
Thanks,
Siva

Similar Messages

Problem in calling webservice using https from livecycle designer

I want to call a webservice written in .net(c#) using https from livecycle designer.I can call webservice using http ,but when i try with https it is failing.If there any special configuration have to do in server for this ?I have already put crossdomain in server.
Waiting for your reply
thank's

How did you call from LC? Please help me out either one is fine to me http or https
Srujan

RFC-to-SOAP webservice using HTTPS

Hi experts,
I have a RFC-to-SOAP (sync) and the URL of the webservice is using HTTPS. I'm not the owner of the webservice.
Encountered these errors
- for sender comm :
com.sap.aii.af.ra.ms.api.DeliveryException: Peer sent alert: Alert Fatal: illegal parameter
- receiver comm :
Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Peer sent alert: Alert Fatal: illegal parameter: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter
We are not using certificate authentication so I don't think that's the cause.
Have checked that the https is running ok for ABAP but I don't think that got anything to do with the errors. Is there something wrong with SSL setting for J2EE? If yes, how may I check?
Are there some parameters to be set up? In the RFC sender comm & SOAP receiver comm, I do not find any special settings for https.
I have read this link : http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm. Is it necessary to set the Exchange Profile Parameters? My BASIS colleague is now checking it.
Thanks for reading and will appreciate any advice!

Thanks Prateek for the quick reply!
Re HTTPS certificate, do you mean the cert for my XI server or the cert from the web service?
I have tested calling the web service using SOAPUI and it works fine without using the cert given by the web service (which is expired anyway)...

Is it possible to call a SOAP webservice using HTTP POST adapter

Hello Experts,
Is it possible to call a webservice using a HTTP adapter with POST method? If yes, how?
Regards,
Diptee

No this will not work since you have additional SOAP information (i.e. SOAP envelope, security information) in addition to the payload. If you need a simple HTTP-Post for example, then you don't need SOAP, you can use the more simple http protocol without the additional features of SOAP.
Also refer to this link for differences: Difference b/w SOAP and HTTP

Consume webservice using HTTP adapter

Hi PI Experts,
Can we consume a webservice using a HTTP adapter?
If yes can anyone share some knowledge, how to do so?
Thanks & REgards,
Krishna

Hi Krishna,
I think this can be done using FLEX.(not sure).
Ref: http://wiki.sdn.sap.com/wiki/display/EmTech/ConsumingABAPWebServicesusing+Flex
Thanks,

Invokation of Webservices using HTTP

Can I invoke webservices in SAP using HTTP instead of SOAP? If so How?

Hi Vijay,
yes we can do it with HTTP
Configuring the Receiver Plain HTTP Adapter
Use
The plain HTTP outbound channel is a service provided by the Integration Engine. The system is addressed when technical routing determines a corresponding communication channel for the logical receiver from logical routing. The system sends the payload of the message to an HTTP address using HTTP, without being enhanced with an envelope.
Integration
You configure the adapter on the Parameters tab page during the definition of a communication channel in the Integration Server.
Activities
The plain HTTP adapter gives the receiver system the following specifications:
Transport Protocol
HTTP 1.0
Message Protocol
XI payload in HTTP body
Adapter Engine
Integration Server
Addressing Type
URL Address
HTTP Destination
Specify the target host, service number, and path prefix including query string:
http://<hostname:port>/<path>?<query-string>
You can identify the target host (HTTP port) of a SAP Web Application Server using the ICM monitor.
Host and port of the HTTP proxy (optional if there is a firewall between the plain HTTP adapter and the receiver system)
Authentication data for the receiver system, see also: transaction Display and Maintain RFC Destinations (SM59)
Specify the RFC destination.
Parameters from the Communication Channel for Technical Routing
●      Content type (the entry text/XML is expected as default)
Specifies the content format (payload) that the message should have.
●      (Optional) header fields for the receiver-specific protocol
●      Select Additional Query String Attributes:
○       Sender party
○       Sender service
○       Receiver interface
○       Message ID
○       Quality of service
○       Queue ID
The queue ID is only required if the quality of service is EOIO.
●      Specifications for payload manipulation
○       XML code (default UTF-8)
Specifies the character set.
○       URL escaping
Presents the XML in a URL-enabled format.
Special characters that could be interpreted as control characters are replaced with escape characters (masked).
○       Prolog
Enhances the payload for particular servers (optional, see below).
○       Epilog
Enhances the payload for particular servers (optional, see below).
Adapter-Specific Message Attributes
●      To evaluate adapter attributes in the message header of the XI message, select Set Adapter-Specific Message Attributes.
●      If you want missing message attributes to trigger an error message, select Fail If Adapter-Specific Message Attributes Missing.
If the indicator is set and the header for adapter-specific message attributes or one of the set attributes is missing from the message, this leads to a system error (red flag).
If you do not set the indicator, and message attributes are missing, the adapter accesses information from the adapter configuration.
●      If you want to use an HTTP destination or URL set by the mapping, select URL orHTTP Destination.
(The indicator displayed depends on the Addressing Type you selected above). If you set the indicator, the URL or HTTP destination set dynamically is called by HTTP.
If the message header does not contain the URL or the HTTP destination, and you have set the Fail If Adapter-Specific Message Attributes Missingindicator, the XI message is set to status System Error.
If you do not set the indicator, the URL or HTTP destination defined statically in the communication channel is used.
The technical names of the fields are:
○       URL: TargetURL
○       HTTP Destination: HTTPDest
●      If you want to use HTTP header fields, select Apply HTTP Header Fields and enter the fields in Field 1 to Field 6.
The fields are embedded in the HTTP request under the names you enter here.
The technical names of the fields are HeaderFieldOne, .... HeaderFieldSix.
●      If you want to use URL parameters, select Apply URL Parameters and enter the parameters in the fields Parameter 1 to Parameter 6.
The parameters are included in the HTTP request under the names specified here.
The technical names of the fields are URLParamOne, u2026, URLParamSix.
●      If you want to save HTTP header fields from the synchronous response in the XI message header, choose HTTP Header Fields (Synchronous Response) and enter the fields in the fields Field 1 to Field 6.
The fields must have the same names as the fields that are also to be sent in the HTTP response.
The technical names of the fields are HeaderFieldOne,...,HeaderFieldSix.
●      The attribute namespace for the adapter is http://sap.com/xi/XI/System/HTTP.

ADF Mobile : Rest call to a webservice using https - Certificate Error

I'm trying to connect to a web service giving json and which uses https. I am using the following code.
Also SalesApp connects to https://abc.com
RestServiceAdapter restServiceAdapter = Model.createRestServiceAdapter();
restServiceAdapter.clearRequestProperties();
restServiceAdapter.setConnectionName("SalesApp");
restServiceAdapter.setRequestType(RestServiceAdapter.REQUEST_TYPE_GET);
restServiceAdapter.setRetryLimit(0);
restServiceAdapter.setRequestURI("/sales/rest/v1/resources");
try {
response = restServiceAdapter.send("");
I am getting an error of " Certificate was issued by an unrecognized entity ".
Is there anyway to ignore the certificate warning ? Any request properties which can help with this?
I'm not looking at adding any private certificates/verfying the certificate issued by server, just want to ignore the warning
and proceed with the rest call.

Hi, sure you will need to register your private certificate with ADF Mobile's embedded JVM. This is a security mechanism - the JVM we embed will only recognize certificates from well-know CA out of box. However, you can register your private certificate with the JVM. The steps are described in the ADF Mobile Developer Guide: http://docs.oracle.com/cd/E35521_01/doc.111230/e24475/security.htm#CDDCCDFF.
Please note that you will need to be very careful when registering the JVM - extra spaces for example will cause certificate error and it could be hard to diagnose. Please ensure all the fields matches exactly with your private certificate's fields.
Thanks,
Joe Huang

Error while generating webservices using Date

I am facing the following problem while generating a web service which is having Date as one its members.
I have serialized a class with the following DataStructure
private String rowId1;
private Date created;
private String name;
private String quoteNum;
private String revNum;
private String curcyCd;
private String activeFlg;
private Number discntAmt;
private Number discntPercent;
When i tried to expose this as webservice, If I use the class oracle.jbo.domain.Date for Date type, the webservice is not generated properly. It is not including the method which contains this call. ie) This method is not present in the WSDL file as well as in the proxy.
When I used java.util.Date instead of oracle.jbo.domain.Date, I am able to expose the method and webservice got generated properly. But When i tried to generate the proxy for the WSDL in the consumer, I go the following error.
oracle.jdeveloper.webservices.model.GenerationException: Proxy generation failed for the following reason:
     at oracle.jdeveloper.webservices.model.proxy.ProxyGenerator.doGeneration(ProxyGenerator.java:608)
     at oracle.jdeveloper.webservices.model.proxy.ProxyGenerator.generateImpl(ProxyGenerator.java:365)
     at oracle.jdeveloper.webservices.model.proxy.ProxyGenerator.mav$generateImpl(ProxyGenerator.java:77)
     at oracle.jdeveloper.webservices.model.proxy.ProxyGenerator$1ThrowingRunnable.run(ProxyGenerator.java:206)
     at oracle.jdeveloper.webservices.model.GeneratorUI$GeneratorAction.run(GeneratorUI.java:446)
     at oracle.ide.dialogs.ProgressBar.run(ProgressBar.java:551)
     at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.RuntimeException: generator error: no encoder for type "{http://www.w3.org/2001/XMLSchema}dateTime" and Java type "java.lang.String"
     at oracle.j2ee.ws.common.processor.Processor.runActions(Processor.java:105)
     at oracle.j2ee.ws.tools.wsa.AssemblerTool.run(AssemblerTool.java:99)
     at oracle.j2ee.ws.tools.wsa.WsdlToJavaTool.createProxy(WsdlToJavaTool.java:354)
     at oracle.j2ee.ws.tools.wsa.Util.createProxy(Util.java:838)
     at oracle.jdeveloper.webservices.model.proxy.ProxyGenerator.doGeneration(ProxyGenerator.java:549)
     ... 6 more
Caused by: generator error: no encoder for type "{http://www.w3.org/2001/XMLSchema}dateTime" and Java type "java.lang.String"
     at oracle.j2ee.ws.common.processor.generator.GeneratorBase.doGeneration(GeneratorBase.java:181)
     at oracle.j2ee.ws.common.processor.generator.GeneratorBase.perform(GeneratorBase.java:137)
     at oracle.j2ee.ws.common.processor.Processor.runActions(Processor.java:97)
     ... 10 more
I am referring to "Entity and view objects based on web service " in the following URL
http://radio.weblogs.com/0118231/stories/2004/09/23/notYetDocumentedAdfSampleApplications.html#93
Thanks and Regards,
James

Hi all,
I have applied the consolidated JRI fixes - patch 17191279 .
Then, when generating Jar, received keypass is tampered error.
re-generated the key using $ adjkey -initialize.
Now, its working fine.
Regards,
Krish.

Weblogic WebServices Client: how to use HTTP 1.1 protocol ?

Hi,
I generated a stub ( jar file) to call a weblogic webservice from a client, both in weblogic workshop 8.1.4 and weblogic workshop 10.3.
It seems that both jars (generated by weblogic) use HTTP 1.0 protocol (I can see the HTTP 1.0 requests from access log file)
I would like to use HTTP 1.1 protocol : can I set some property ? Which property ? Can you help me ?

Weblogic 10.3 generated client use HTTP 1.1 protocol

Invoking Webservice over HTTPS

Hi all,
I'm using Weblogic 9.2 with default configuration of Keystore & SSL. The webservice client is generated using 'Clientgen' Ant task, I can invoke the webservice using http without problem, but when using https it's always rejected, basically I'm not sure what system properties to put for the client, here's my last desperate attempt:
System.setProperty("weblogic.webservice.verbose", "true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "config/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.security.SSL.TrustKeyStore", "DemoTrust");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
System.setProperty("ssl.debug", "true");
PaymentGateway service = new PaymentGateway_Impl();
PaymentGatewayPort port = service.getPaymentGatewayPort();
Stub.class.cast(port)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://192.168.56.3:7002/ws/PaymentGateway?WSDL");
Stub.class.cast(port)._setProperty(Stub.USERNAME_PROPERTY, "weblogic");
Stub.class.cast(port)._setProperty(Stub.PASSWORD_PROPERTY, "weblogic");
ISODocument isoDoc = new ISODocument();
isoDoc.setMti(new Integer(200));
port.balanceInquery(isoDoc);And here's the exception thrown in client:
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Not in server, Certicom SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE KeyAgreement: SunJCE version 1.5 for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm ECDH
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DESede/CBC/NoPadding
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm AES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RC4
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA/ECB/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL Session TTL :90000

URL        : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
Headers    :
Authorization: [Basic d2VibG9naWM6d2VibG9naWM=]
SOAPAction: [""]
Content-Type: [text/xml]
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><env:Header></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:balanceInquery xmlns:m="http://www.telkomsel.com/PaymentGateway"><iSODocument xmlns:n1="java:com.visitek.pgi.models" xsi:type="n1:ISODocument"><amount xsi:nil="true"></amount><audit_number href="#ID_2"></audit_number><bank_code xsi:type="xsd:string">000151</bank_code><currency_code href="#ID_2"></currency_code><data href="#ID_2"></data><encrypted_pin href="#ID_2"></encrypted_pin><expiration_date href="#ID_2"></expiration_date><institution_code href="#ID_2"></institution_code><institution_data xsi:type="xsd:string">62812006002616</institution_data><local_tracking_id xsi:type="xsd:string">080722163229082127.0.0.1:9595</local_tracking_id><mti xsi:type="xsd:int">200</mti><network_information_code xsi:type="xsd:short">0</network_information_code><original_data_element href="#ID_2"></original_data_element><pan_null_true xsi:type="xsd:string">yes</pan_null_true><pos_entry href="#ID_2"></pos_entry><primary_acc_number xsi:nil="true"></primary_acc_number><response_code href="#ID_2"></response_code><response_terminal_number href="#ID_2"></response_terminal_number><service_code xsi:type="xsd:int">6016</service_code><settlement_date href="#ID_2"></settlement_date><terminal_number href="#ID_2"></terminal_number><transaction_code xsi:type="xsd:int">380000</transaction_code><transaction_data href="#ID_2"></transaction_data><transaction_date href="#ID_2"></transaction_date><transaction_sequence href="#ID_2"></transaction_sequence><transaction_time href="#ID_2"></transaction_time><transaction_timestamp href="#ID_2"></transaction_timestamp></iSODocument></m:balanceInquery><xsd:string xsi:type="xsd:string" id="ID_2"></xsd:string></env:Body></env:Envelope>

Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Trusted CA keystore: config/DemoIdentity.jks
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Filtering JSSE SSLSocket
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLIOContextTable.addContext(ctx): 24864323
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLSocket will NOT be Muxing
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: write SSL_20_RECORD
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: ServerHello
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: Certificate
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Cannot complete the certificate chain: No trusted cert found
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Validating certificate 0 in the chain: Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: validationCallback: validateErr = 16
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE:   cert[0] = Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Warning> <Security> <BEA-090542> <Certificate chain received from 192.168.56.3 - 192.168.56.3 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Validation error = 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Certificate chain is untrusted>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <SSLTrustValidator returns: 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
     at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
     at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at com.certicom.tls.record.WriteHandler.write(Unknown Source)
     at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
     at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
     at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:153)
     at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:367)
     at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
     at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:705)
     at java.net.URLConnection.getContentType(URLConnection.java:479)
     at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:230)
     at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:64)
     at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:238)
     at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:246)
     at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:147)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:473)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:459)
     at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:306)
     at com.visitek.pgi.client.PaymentGatewayPort_Stub.balanceInquery(PaymentGatewayPort_Stub.java:48)
     at com.visitek.test.pg.TestPGWebservice.testWebserviceSSLInvocation(TestPGWebservice.java:70)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:585)
     at junit.framework.TestCase.runTest(TestCase.java:164)
     at junit.framework.TestCase.runBare(TestCase.java:130)
     at junit.framework.TestResult$1.protect(TestResult.java:106)
     at junit.framework.TestResult.runProtected(TestResult.java:124)
     at junit.framework.TestResult.run(TestResult.java:109)
     at junit.framework.TestCase.run(TestCase.java:120)
     at junit.framework.TestSuite.runTest(TestSuite.java:230)
     at junit.framework.TestSuite.run(TestSuite.java:225)
     at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130)
     at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <write ALERT, offset = 0, length = 2>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <close(): 19097823>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>

URL           : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: java.io.EOFException: Response contained no data.> I'm a total stranger to this HTTPS & SSL thing & I've googled around only to find partial answers. My plan is to use custom identity, but firstly I want to make sure that using the default works.
Any help would be greatly appreciated.
Regards,
Setya

Why does it throw SSLKeyException: SSL handshake failure? I have printed the contents of DemoIdentity.jks and DemoTrust.jks files.Can you please find out what I need to do for it?
I added the following code ,but it did not help me to resolve this issue.
private static void callSSLService() {
System.setProperty("weblogic.webservice.verbose", "false");
System.setProperty("ssl.debug", "false");
// System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoTrust.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException:
Exception during processing: javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr-ccc.tsl.xxxx.com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure. (see Fault Detail for stacktrace)
Detail:
<detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr- com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure.
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
     at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at com.certicom.tls.record.WriteHandler.write(Unknown Source)
     at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
     at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
     at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
     at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
     at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
     at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:832)
     at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:238)
     at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
     at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
     at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
     at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
     at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
I executed keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: demoidentity
Creation date: 21-Jan-2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=L020658, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: -657037958f4825551ebcae3bc2a3349c
Valid from: Thu Jan 20 09:56:28 PST 2011 until: Wed Jan 21 09:56:28 PST 2026
Certificate fingerprints:
MD5: 89:30:08:A6:5F:4F:05:83:D2:1D:B4:B3:EB:B3:CF:F2
SHA1: 1D:E1:1F:93:30:64:CD:DC:C4:60:78:12:23:55:25:FF:FD:19:6A:2B
I executed keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 4 entries
Alias name: certgenca
Creation date: 22-Mar-2002
Entry type: trustedCertEntry
Owner: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 33f10648fcde0deb4199921fd64537f4
Valid from: Thu Mar 21 12:12:27 PST 2002 until: Tue Mar 22 13:12:27 PDT 2022
Certificate fingerprints:
MD5: 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
SHA1: E2:CB:88:9D:C5:09:F9:0A:AA:0D:3C:F6:75:7B:5F:1D:2B:A1:F7:F0
Alias name: wlsdemocanew2
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California,
C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:22 PST 2002 until: Mon Oct 16 13:02:22 PDT 2006
Certificate fingerprints:
MD5: 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
SHA1: 4E:FB:1D:2F:58:EA:D4:0C:FC:2A:86:91:2D:43:4F:C1:79:D0:A6:4E
Alias name: wlsdemocanew1
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=Californi
a, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:11 PST 2002 until: Mon Oct 16 13:02:11 PDT 2006
Certificate fingerprints:
MD5: A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
SHA1: 84:13:A2:63:D6:74:75:3B:25:15:6F:62:8C:18:79:87:62:5B:9A:0C
Alias name: wlscertgencab
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 234b5559d1fa0f3ff5c82bdfed032a87
Valid from: Thu Oct 24 08:54:45 PDT 2002 until: Tue Oct 25 08:54:45 PDT 2022
Certificate fingerprints:
MD5: A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FE
SHA1: F8:5D:49:A4:12:54:78:C7:BA:42:A7:14:3E:06:F5:1E:A0:D4:C6:59
*******************************************

How to use HTTPS for my Webservices

Hello,
I'm devoloping one SIte of a Webservice-based Interface.
- My Webservices have to to consumed using HTTPS
- My Invoker(Oracle 10g PL/SQL-Procedure) has to invoke a Webservice over HTTPS
So i have seen how to create Secure-SOAP-Webservices, but I don't find a tutorial, which shows the whole Process: Create the Webserver-Certificate (SAP WAS 6.40), tell the Webservice to use this certificates, etc...)
It would also be graet, to get a link to tutorial..
Greetings,
Chris

I don't use Oracle PL/SQL, but I can give you an idea how it can be done via eg PHP (pear soap in this case) consumer.
I presume that you you have on the WAS already an FM which is webservice enabled.
First you need to set up an array with all credentials
$proxy = array('user'=>'someuser', 'pass'=>'somepass','proxy_user'=>'someuser', 'proxy_pass'=>'somepass');
Then you set up the client with the wsdl and this proxy info
$wsdl=new SOAP_WSDL("https://someuser:somepass@someurl",$proxy);
$wsdl->proxy=$proxy
$client->$wsdl->getProxy();
$result=$client->someFMonWAS();
It's that easy.

Use HTTPS to access webservice on standalone OC4J

I have followed the instructions in the Oracle Containers for J2EE Security Guide for setting up SSL (Chapter 15) on standalone OC4J. I have also looked at Tugs blog about using HTTPS with web services. I believe I have everything setup right but have a problem.
BTW, I am using a standalone OC4J instance that is also an ESB server. Prior to doing the SSL setup I already had 2 test web services running that could be accessed via http just fine.
Here is my default-web-site.xml file contents:
<web-site xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/web-site-10_0.xsd" port="8888" display-name="OC4J 10g (10.1.3) Default Web Site" schema-major-version="10" schema-minor-version="0" >
<default-web-app application="default" name="defaultWebApp" />
<web-app application="system" name="dms0" root="/dmsoc4j" />
<web-app application="system" name="dms0" root="/dms0" />
<web-app application="system" name="JMXSoapAdapter-web" root="/JMXSoapAdapter" />
<web-app application="default" name="jmsrouter_web" load-on-startup="true" root="/jmsrouter" />
<web-app application="javasso" name="javasso-web" root="/jsso" />
<web-app application="ascontrol" name="ascontrol" load-on-startup="true" root="/em" ohs-routing="false" />
<web-app application="esb-test" name="esb-test" load-on-startup="true" root="/esbtest" />
<web-app application="esb-dt" name="esb_console" load-on-startup="true" root="/esb" />
<web-app application="orainfra" name="orainfra" load-on-startup="true" root="/orainfra" />
<web-app application="esb-rt" name="provider-war" load-on-startup="true" root="/event" />
<web-app application="Test-elexnet_service-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service-context-root" />
<web-app application="Test-elexnet_service2-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service2-context-root" />
<access-log path="../log/default-web-access.log" split="day" />
</web-site>
Here is my secure-web-site.xml file contents:
<web-site xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/web-site-10_0.xsd" secure="true" port="4443" display-name="OC4J 10g (10.1.3) Secure Web Site" schema-major-version="10" schema-minor-version="0" >
<default-web-app application="default" name="defaultWebApp" />
<web-app application="Test-elexnet_service-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service-context-root" />
<web-app application="Test-elexnet_service2-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service2-context-root" />
<access-log path="../log/secure-web-access.log" split="day" />
<ssl-config keystore="C:\OracleESB\j2ee\home\oc4jkeystore.jks" keystore-password="xxx" />
</web-site>
I also have the following in my server.xml file:
<application name="javasso" path="../../home/applications/javasso.ear" parent="default" start="false" />
<application name="ascontrol" path="../../home/applications/ascontrol.ear" parent="system" start="true" />
<application name="esb-dt" path="../applications/oraesb-dt.ear" parent="default" start="true" />
<application name="orainfra" path="../applications/orainfra.ear" parent="default" start="true" />
<application name="esb-rt" path="../applications/oraesb-rt.ear" parent="esb-dt" start="true" />
<application name="esb-test" path="../applications/oraesb-test.ear" parent="default" start="true" />
<application name="Test-elexnet_service-WS" path="../applications\Test-elexnet_service-WS.ear" parent="default" start="true" />
<application name="webapp" path="../applications\webapp.ear" parent="default" start="true" />
<application name="Test-elexnet_service2-WS" path="../applications\Test-elexnet_service2-WS.ear" parent="default" start="true" />
<global-web-app-config path="global-web-application.xml" />
<transaction-manager-config path="transaction-manager.xml" />
<web-site default="true" path="./default-web-site.xml" />
<web-site path="./secure-web-site.xml" />
<cluster id="31671846181898" />
All I really want is to access the 2 web services via HTTPS. I can access the default applciation via https just fine but when I try to use https to access the web services I get a 404 Not found error (after first getting a security alert popup). I can still access the services via http though. In the log of the server I have the following errors that occured on startup of OC4J. They pertain to the secure web site and there is an error for each web service. I don't understand what they mean/what the problem is:
<MSG_TEXT>Internal error raised tyring to instantiate web-application: WebServices defined in web site OC4J 10g (10.1.3) Secure Web Site. Error compiling :C:\OracleESB\j2ee\home\applications\Test-elexnet_service2-WS\WebServices: Error instantiating compiler: IO error writing cache: C:\OracleESB\j2ee\home\application-deployments\Test-elexnet_service2-WS\WebServices\deployment-cache.jar</MSG_TEXT>
<MSG_TEXT>Internal error raised tyring to instantiate web-application: WebServices defined in web site OC4J 10g (10.1.3) Secure Web Site. Error compiling :C:\OracleESB\j2ee\home\applications\Test-elexnet_service-WS\WebServices: Error instantiating compiler: IO error writing cache: C:\OracleESB\j2ee\home\application-deployments\Test-elexnet_service-WS\WebServices\deployment-cache.jar</MSG_TEXT>
Anyone know what is going on? TIA!
Nick

I found that when I REMOVED the following from the default-web-site.xml
<web-app application="Test-elexnet_service-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service-context-root" />
<web-app application="Test-elexnet_service2-WS" name="WebServices" load-on-startup="true" root="/Test-elexnet_service2-context-root" />
and restarted OC4J, then everything is ok and I don't get any errors. However I can only access the web services via HTTPS and not HTTP.
Anybody got any ideas?

Webservice to grab the files using HTTP

Hi,
Can any one guide me how to create a webservice to grab a file using HTTP? The scenario is that a webservice call should contact a system through HTTP to grab the file.
Please help.
Thanks,
Sunny
Edited by: Sunny1890 on Apr 2, 2009 7:00 PM

Use classes available in java.net package.

Using HTTP basic auth in WebService

Hi,
I am writing a flex app that needs to talk to a pre-existing
SOAP web service. Unfortunately the web service uses http basic
auth to authenticate a user. I am trying to figure out exactly how
this is accomplished but I cannot find any substantive data on the
subject. So I was hoping someone here could point me in the right
direction or possibly answer the question outright.
I DID find reference to using the useProxy attribute on the
WebService element (and that I would need to make some changes to a
flex-config.xml) but I could not get this to work, nor could I find
any explanation as to what exactly I was doing. I, as a workaround,
attempted to place the auth info in the url (e.g.
http://user:passwordhash@host:port/wsdl)
but this did not work either as the request never made it to the
server, I am assuming actionscript doesn't like this format?
Anyway, does anyone have any advice/pointers? Any help would
be appreciated.

Hi,
I am writing a flex app that needs to talk to a pre-existing
SOAP web service. Unfortunately the web service uses http basic
auth to authenticate a user. I am trying to figure out exactly how
this is accomplished but I cannot find any substantive data on the
subject. So I was hoping someone here could point me in the right
direction or possibly answer the question outright.
I DID find reference to using the useProxy attribute on the
WebService element (and that I would need to make some changes to a
flex-config.xml) but I could not get this to work, nor could I find
any explanation as to what exactly I was doing. I, as a workaround,
attempted to place the auth info in the url (e.g.
http://user:passwordhash@host:port/wsdl)
but this did not work either as the request never made it to the
server, I am assuming actionscript doesn't like this format?
Anyway, does anyone have any advice/pointers? Any help would
be appreciated.

WLS 8.1.4 - Generating WebService client with HTTP 1.1 protocol

I tried to generated a web service client (Weblogic Workshop 8.1.4) from a WSDL.
When I run this client I found that it uses HTTP 1.0 protocol (from access log)
Is there a way (flag,...) to force the client to use HTTP 1.1 protocol ?
Thanks
Andrea

martin ng wrote:
any reply so far?....seems to me weblogic need to improve their support. Whenever i make a query eveything goes to Forum.Hi. I hope it's documented somewhere that these forums are not
official BEA/WebLogic support. For quick official support, open
a case with them at:
http://www.bea.com/framework.jsp?CNT=index.htm&FP=/content/support/contacts/
Joe

Generating Webservice using HTTPS in XI.

Similar Messages

Maybe you are looking for