I am having trouble Trouble implementing one-way SSL on WebLogic 9.2...

Similar Messages

• Implementing 2-way ssl

  Hi i have configured the keystore as "Custom Identity and Custom Trust", given the key store names for both given the Identity alisa name under the 'SSL' tab, in 'Advanced' i am enforcing for client certificate. But when i start to access the application, i see the following error
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <Alert received from peer, notifying peer we received it: com.certicom.tls.record.alert.Alert@16a86fc>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Warning> <Security> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-090481> <NO_CERTIFICATE alert was received from ASST218297.uk.pri.o2.com - 172.17.247.10. Verify the SSL configuration has a proper SSL certificate chain and private key specified.>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <NO_CERTIFICATE received by peer, checking with TrustManager>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <validationCallback: validateErr = 0>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <Required peer certificates not supplied by peer>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecurityCertPath> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <CertPathTrustManagerUtils.certificateCallback: certPathValStype = 0>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecurityCertPath> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <CertPathTrustManagerUtils.certificateCallback: validateErr = 4>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecurityCertPath> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <CertPathTrustManagerUtils.certificateCallback: returning false because of built-in SSL validation errors>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <weblogic user specified trustmanager validation status 4>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Warning> <Security> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-090508> <Certificate chain received from ASST218297.uk.pri.o2.com - 172.17.247.10 was incomplete.>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <Validation error = 4>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <Certificate chain is incomplete>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <User defined JSSE trustmanagers not allowed to override>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <SSLTrustValidator returns: 68>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <Trust failure (68): CERT_CHAIN_INCOMPLETE>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <NO_CERTIFICATE received by peer, not trusted, sending HANDSHAKE_FAILURE to peer>
  ####<04-Mar-2010 12:18:00 o'clock GMT> <Debug> <SecuritySSL> <ASST218297> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1267705080783> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 40
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.record.alert.AlertHandler.handle(Unknown Source)
       at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
       at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
       at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  any replies please....

  Hi,
  thanks, actually while searching in the net, i found a blog where there were a few steps for implementing 2-way SSL in weblogic.
  http://huyplus.blogspot.com/2010/02/2-way-ssl-with-weblogic-server-103.html?showComment=1267793234806_AIe9_BGsO6q6ENB4YZWtQyX53CzpN8TWcSn08RqNv6z8W3V7NRI3Qlcf4NuEM35O1niTSsYXd4rxjfUT63J2XFXOHjY8W56_sC-E3MGydylLHxDivVEjR0pQnSPv_Tx7CXOqT64AGNhhs06MEM9CBhpOtHcUHwvQMPtPeDAAJcwP1I9TzEIGNzNEQlWn9INrvLzP9_RAYESO3Wcxbl6b9eRgZt_jktfllVbxcvztIV3zoeQ8XlqgpN4S7Z82yCbUS1E7lFl46FZK#c8740869862805814451
  fortunately, this is working, i mean the server is working as expected, but in the console, it says that the certificate chain is incomplete....
  Anyways thanks for the links and suggestions...
  if possible could you please provide me some reference for resolving this issue.
  Thanks again
  Sharma

• OSB: Implementing 2 way ssl for a particular proxy

  Hi All,
  We have a requirement to implement 2 way ssl support for one of our OSB proxy and 1 way ssl support for all other proxies in our project.
  we have enabled HTTS on OSB and configured 2-way ssl on weblogic server. It is working fine.
  But the 2 way ssl configuration on weblogic server impacts all other proxy services deployed on that node. Because of weblogic configuration "Two Way Client Cert Behavior: Client Certs Requested and Enforced", the server expects all request to present the client certificate..
  But our requirement is, Only 1 proxy service should enforce 2-way ssl, all other proxies should only support 1 -way ssl(server authentication).
  Is there any way to implement our requirement?.
  we want to configure weblogic with "Two Way Client Cert Behavior: Client Certs Requested but not and Enforced OR Client Certs NOT Requested" and then in the proxy service we want to enforce client certificate..
  Is it possible to implement? If so can anyone help to explain the steps?
  Thanks in advance
  Edited by: user13109986 on Oct 24, 2012 9:30 AM

  It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

• Difference Between One-way SSL and Two Way SSL

  Hi ,
  Can any tell difference between one way and two ssl. apache to weblogic server which type of ssl we can configure. Please provide information on this.
  thanks

  In short below is the difference:
  One Way SSL - Only the client authenticates the server
  - This means that the public cert of the server needs to configured in the trust store of the client for this to happen.
  Two Way SSL - The client authenticates the server & the server also authenticates the client.
  - This means that the public cert of the server needs to configured in the trust store of the client for this to happen.
  - Also the public cert of the client needs to be configured on the server's trust store
  Please refer to http://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/index.jsp?topic=%2Fcom.ibm.mq.csqzas.doc%2Fsy10660_.htm. In case of Two way SSL the step numbers 5 & 6 also occur.
  You can implement either of them between apache and weblogic.
  Hope this helps.
  Thanks,
  Patrick

• Apache 2.2 21 forward Proxy 2 way SSL for weblogic server as a client

  Hi All,
  Currently, i am trying to implement a forward SSL proxy. The client will hit my apache server which in return will hit a IIS Server.
  scenarios 1
  client(weblogic)--*2 way SSL*Apache(forward proxy)*2 way SSL*-- IIS
  If i were to implement 1 way ssl, i am able to see the content of the website.
  client(weblogic) --- Apache(forward proxy) --- IIS
  If i were to launch the web browser from the client machine (with the client certificate imported in the browser), i am able to view the content in the IIS. But if i were to simulate the connection from weblogic server, it just give me end of file exception (response contain no data) on the logs.
  Below is my configuration
  Listen 8080
  <VirtualHost default:8080>
  ServerName serverA
  ErrorLog "logs/ssl_error_log"
  CustomLog "logs/ssl_access_log" common
  SSLProxyEngine On
  SSLProxyMachineCertificateFile /certificate/servercert.cer
  SSLProxyCACertificateFile /certificate/rootCA.cer
  SSLProxyVerify require
  SSLProxyVerifyDepth 10
  ProxyRequests On
  ProxyVia On
  AllowConnect 12345
  <Proxy *>
  Order allow,deny
  Allow from all
  </Proxy>
  </VirtualHost>
  For 2 way SSL, will the client forward their client certificate to my apache proxy server and apache will on the client behalf forward the client certificate to the IIS server for authenication?
  Or the SSL authenication still happen between the client (weblogic) and the end server (IIS) bypassing the proxy server.
  Please help.

  It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

• How to implement 2-way SSL in OSB web services

  Hi ,
  I need to implement secured SSL communication in my OSB web services . For this I have used the self signed certificates in weblogic console and configured them .
  I also enabled the https parameter in my proxy service but now when I am trying to open the proxy wsdl in browser it says unauthorised access.
  Even in SOAP UI when I am trying to access it says "Error loading wsdl" .
  Please help.

  Hi,
  Do you have created a Service Key provider and attached the same to proxy service.
  Oracle Service Bus verifies that you have associated a service key provider with the proxy service and that the service key provider contains a key-pair binding that can be used as a digital signature.
  Service Key Providers
  Regards,
  Abhinav

• Ldapbind failed over SSL  (U2 – "one way", "U3-two way") from Oracle DB to

  Hi
  I am facing the below error when I try ldapbind (database server to OID) over SSL (U2 – “one way”, “U3-two way”)
  *** ACTION NAME:() 2010-09-29 07:09:46.691
  *** MODULE NAME:(sqlplus@alddbux01 (TNS V1-V3)) 2010-09-29 07:09:46.691
  *** SERVICE NAME:(SYS$USERS) 2010-09-29 07:09:46.691
  *** SESSION ID:(121.274) 2010-09-29 07:09:46.691
  kzld_discover received ldaptype: OID
  KZLD_ERR: DB-OID SSL auth failed. Err=0
  KZLD is doing LDAP unbind
  KZLD_ERR: found err from kzldini
  Environment details:
  OID Server:
  OS: Enterprise Linux Enterprise Linux AS release 5.3
  Hostname : aldidmux02
  Oracle Internet Directory 11.1.1.2.0
  Realm in this OID is “dc=mycmsc,dc=com”
  Oracle Database Server:
  OS: Sun Solrais 5.10
  Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
  Hostname: alddbux01
  Key points:
  1.     As per metalink notes 466662.1, I am trying to setup EUS between DB - OID.
  First difference I see here is OID version (10.1.4.0.1) in notes & using OID 11g (11.1.1.2.0) in my environment for testing.
  a)     Are these steps applicable for OID11g(11.1.1.2.0) version?
  b)     If not please provide me the references for achieving ldap authentication from Oracle database server with OID 11g as ldap user repository.
  c)     As per task1 > step3 For the first time oidctl command is used to connect & start the instance before starting services using opmnctl. What is the procedure to do the same in OID11g?
  2.     Wallet certificates in my environment OID & Database server status shows “Ready”

  Is it possible to get an answer on this one from someone who knows?
  "Leif Kristian Vadseth" <[email protected]> wrote in
  message news:[email protected]..
  In WLS 6.0 I was able to configue the server SSL protocol so that when
  accessing the server (web application) from a web browser over https, the
  browser showed a list of matching installed client certificates that the
  client can choose, but the client could choose not to present his/hers
  certificate and still continue to access the requested resources.
  In WLS 6.1 I have not been able to repeat this behaviour, even if the SSL
  configuration is exactly the same.
  The project I work in wants to have both one-way SSL (using only username
  and password for authentication) and two-way SSL (using both
  username/password and certificate for authentication) in the same server.
  Is it possible to configure the server the way I want or do we have to
  configue two servers; one that does not require mutual authentication, and
  one that requires this?
  Leif Kristian Vadseth

• Two way SSL issue in weblogic

  Hi All,
  we have enabled 2 way SSL in weblogic, we have one Admin Server and one managed (soa) server version 11.1.1.5
  steps we have followed:
  we have imported identity certificate and key file to a custom identity store
  improted trust certificates to a custom trust keystore
  in weblogic consile: soa_server1-> keystires : we have updated custom identity and trust details
  in weblogic consile: soa_server1-> ssl - we have updated required custom identity details and selected " Client Certs Requested And Enforced" for Two Way Client Cert Behavior.
  but while testing our process we are getting below error:
  we have tried openssl to test the connectivity but not sure about the output, is there any way to trace the SSL connection?
  any input will be really helpful.
  <AIASessionPoolManagerFault xmlns="http://xmlns.oracle.com/AIASessionPoolManager">
  -<part name="summary">
  <summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  com.oracle.bpel.client.BPELFault: faultName: {{http://xmlns.oracle.com/AIASessionPoolManager}AIASessionPoolManagerFault}
  messageType: {{http://schemas.oracle.com/bpel/extension}RuntimeFaultMessage}
  parts: {{
  summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
  ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
       SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+:443/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ]
       java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
       javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
       </detail>
  ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
  </summary>
  </part>
  -<part name="detail">
  <detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  Error on AIASessionPoolManager.bpel: Operation=Get.
       SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ]
       java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
       javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
  </detail>
  </part>
  TIA,
  Vivek
  Edited by: 909283 on Apr 15, 2013 12:07 AM

  Hi Kishor/Rene,
  Thanks for the reply, we have already referred to the mentioned Oracle Note and enabled SSL debugging.
  while starting Admin server we are getting below output:
  Can you please confirm from below logs that SSL connection is correct, i have also provided below the error message we are getting in our process.
  <Apr 2, 2013 6:49:56 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 316588026>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 105197569742293346305268
  Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN= Test AD Objects CA1
  Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN= xyz>.com.au, EMAIL=<abcd>@<.com>
  Not Valid Before:Thu Oct 11 11:00:23 EST 2012
  Not Valid After:Sat Oct 11 11:00:23 EST 2014
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 458601664052503175495693
  Issuer:CN=<xyz> Test Policy CA
  Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Not Valid Before:Thu Nov 10 15:24:24 EST 2011
  Not Valid After:Thu Nov 10 15:34:24 EST 2016
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 105197569742293346305268
  Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN=<abcd>.<.com>, EMAIL=<abcd>@<.com>
  Not Valid Before:Thu Oct 11 11:00:23 EST 2012
  Not Valid After:Sat Oct 11 11:00:23 EST 2014
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 458601664052503175495693
  Issuer:CN=<xyz> Test Policy CA
  Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
  Not Valid Before:Thu Nov 10 15:24:24 EST 2011
  Not Valid After:Thu Nov 10 15:34:24 EST 2016
  Signature Algorithm:SHA1withRSA
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: <abcd>.<.com>>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerKeyExchange RSA>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 70>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received CHANGE_CIPHER_SPEC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 8>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 26>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 24>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 45>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 15>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 30>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 18>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 23>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 20>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 41>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 7>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 13>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
  at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
  at javax.net.ssl.impl.SSLLayeredSocket.close(Unknown Source)
  at weblogic.nodemanager.client.NMServerClient.disconnect(NMServerClient.java:276)
  at weblogic.nodemanager.client.NMServerClient.done(NMServerClient.java:138)
  at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:423)
  at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:440)
  at weblogic.server.ServerLifeCycleRuntime.getStateNodeManager(ServerLifeCycleRuntime.java:752)
  at weblogic.server.ServerLifeCycleRuntime.getState(ServerLifeCycleRuntime.java:584)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at weblogic.management.jmx.modelmbean.WLSModelMBean.getAttribute(WLSModelMBean.java:525)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:666)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:638)
  at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.getAttribute(FederatedMBeanServerInterceptor.java:308)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:299)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:326)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:324)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:319)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1404)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
  at javax.management.remote.rmi.RMIConnectionImpl.getAttribute(RMIConnectionImpl.java:600)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
  at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
  at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.getAttribute(Unknown Source)
  at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.getAttribute(RMIConnector.java:878)
  at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:263)
  at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:504)
  at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
  at $Proxy138.getState(Unknown Source)
  at com.bea.console.actions.core.server.ServerTableAction.populateServerRuntimeTableBean(ServerTableAction.java:365)
  at com.bea.console.actions.core.server.ServerTableAction$ServerTableWork.run(ServerTableAction.java:498)
  at weblogic.work.commonj.CommonjWorkManagerImpl$WorkWithListener.run(CommonjWorkManagerImpl.java:203)
  at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 316565651>
  <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 316588026>
  error in bpel process:
  summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
  ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
  SessionPoolHost.getSession(Siebel,190001): SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@16670d1d]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://<host>:443/eai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ].
  java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
  javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure</detail>
  ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
  </summary>
  TIA,
  Vivek
  Edited by: 909283 on Apr 15, 2013 12:08 AM

• 1 WAY SSL issue.

  Our Domain has one proxy server and a weblogic cluster with 2 managed server running on Weblogic Integration Server 8.1 SP5.
  The proxy will forward the request to the cluster in a round robin.
  The environment is configured for 2 way SSL and the configuration works fine.
  The authorization used is perimeter authorization using HttpClusterServlet.
  Now I need one way ssl.
  Since the managed servers are configured for 1 way ssl I am trying to access the managed servers by bypassing the proxy.
  I am getting the following error.
  "Error 401--Unauthorized xxx
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  10.4.2 401 Unauthorized
  I cehcked the server logs are getting the following error.
  Any help?
  Thanks && Regards,
  Rajeev
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 10330858>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLSocket will be Muxing>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLIOContextTable.findContext(is): 20100894>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 readRecord()>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 SSL3/TLS MAC>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 received HANDSHAKE>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientHello>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 length = 58>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 length = 2120>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 length = 4>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 readRecord()>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 SSL3/TLS MAC>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 received HANDSHAKE>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientKeyExchange>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ClientKeyExchange RSA>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 readRecord()>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 SSL3/TLS MAC>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 received CHANGE_CIPHER_SPEC>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 readRecord()>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 SSL3/TLS MAC>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <31630577 received HANDSHAKE>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Finished>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <write CHANGE_CIPHER_SPEC offset = 0 length = 1>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <write HANDSHAKE offset = 0 length = 40>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLIOContextTable.findContext(sock): 9712642>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <activateNoRegister()>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <avalable(): 31630577 : 0 + 0 = 0>
  <Nov 27, 2006 4:33:45 PM EST> <Debug> <TLS> <000000> <SSLFilter.activate(): activated: 20100894 31630577>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 read( offset: 0 length: 4080 )>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord()>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord returns true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 readRecord()>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 SSL3/TLS MAC>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 received APPLICATION_DATA>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 APPDATA databufferLen 0>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 APPDATA contentLength 572>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 read databufferLen 572>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 read A returns 572>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 read( offset: 572 length: 3508 )>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord()>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 Rethrowing InterruptedIOException>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLIOContextTable.findContext(sock): 9712642>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <activateNoRegister()>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <avalable(): 31630577 : 0 + 0 = 0>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.activate(): activated: 20100894 31630577>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 read( offset: 572 length: 3508 )>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <isMuxerActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLFilter.isActivated: true>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord()>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <hasSSLRecord returns false 1>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <31630577 Rethrowing InterruptedIOException>
  *** ServletRequestImpl.setClientCertProxy.x509ProxyClientCert ***null
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <write APPLICATION_DATA offset = 0 length = 339>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <write APPLICATION_DATA offset = 6 length = 1526>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.record.alert.Alert@89314f Severity: 1 Type: 0
  java.lang.Throwable: Stack trace
  at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
  at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
  at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
  at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:267)
  at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:605)
  at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:569)
  at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:513)
  at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:1221)
  at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2637)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
  >
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <avalable(): 31630577 : 0 + 0 = 0>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <write ALERT offset = 0 length = 2>
  <Nov 27, 2006 4:33:46 PM EST> <Debug> <TLS> <000000> <SSLIOContextTable.removeContext(ctx): 10330858>

  I have exactly the same problem, except that I regularly open up the npr site. But here is the real problem. I open firefox>preferences>advanced>encryption>view certificates>add exception. But here is the problem. I can not click on the box to permanently store exception. This box appears permanently closed.
  I am currently running firefox 9.01, and I've got to say I never had any problems with firefox in all the years I've used it. But ever since it went through this dizzying series of upgrades from 3.6 to the present it has given me problems.
  I am a regular npr listener, and so this annoying error message is really making me consider permanently leaving firefox for chrome or safari.

• 2 way SSL in web services [using Axis]

  Hi,
  Can anyone tell me how to implement 2 way SSL handshake before making a web service call , using Axis.
  This is what i have to start off with:
  1. wsdl, which i use to create the client side files [using eclipse] do meet the business needs.
  2. I also have my [client] key and cert and the servers root cert, required for SSL handshake
  Thanks for the help,
  Sandy

  Hi,
  Do you have created a Service Key provider and attached the same to proxy service.
  Oracle Service Bus verifies that you have associated a service key provider with the proxy service and that the service key provider contains a key-pair binding that can be used as a digital signature.
  Service Key Providers
  Regards,
  Abhinav

• WebLogic 10.3.3 - 2-Way SSL setup between WLS JMS Foregin Server & IBM MQ 6

  Hi,
  I am trying to configure 2-Way SSL between WebLogic 10.3.3 using JMS Foreign Server and IBM MQ 6. I could not find any documentation on this.
  Can someone provide with steps for setting up 2-Way between WebLogic and IBM MQ?
  Also I want to use SSLPEERNAME attribute in MQ Connection Factory and generate bindings so that I can connect to correct queuemanager on MQ side. Please let me know the configuration steps and check's that have to be done on WLS and IBM MQ side on this.
  Thanks in advance
  - BoyelT

  Check this:
  http://www.ibm.com/developerworks/websphere/library/techarticles/0510_fehners/0510_fehners.html

• Two way ssl with self signed certificate?

  How can I use a self signed certificate with two-way SSL with weblogic 7sp4?
  Specfically, I don't want to use any CA authority.
  Is it possible to simply have the clients certificate in the servers truststore or not?
  I pull out the certificate via
  javax.servlet.request.X509Certificate
  but when I use a self signed certificate it's never there.
  If I instead use a certificate that was created with CertGen it works. But CertGen uses the GenCertCA to create the certificate chain.

  How can I use a self signed certificate with two-way SSL with weblogic 7sp4?
  Specfically, I don't want to use any CA authority.
  Is it possible to simply have the clients certificate in the servers truststore or not?
  I pull out the certificate via
  javax.servlet.request.X509Certificate
  but when I use a self signed certificate it's never there.
  If I instead use a certificate that was created with CertGen it works. But CertGen uses the GenCertCA to create the certificate chain.

• I'm having some trouble transferring audio books to my iPhone.  It usually takes 3 or 4 tries to get all the parts transferred.  I didn't use to have this problem - all parts would transfer in one try.

  I'm having some trouble transferring audio books to my iPhone.  It usually takes 3 or 4 tries to get all the parts transferred.  I didn't use to have this problem - all parts would transfer in one try.

  carolinechx wrote:
  i know the description may be a little bit too confusing
  Mostly because you are not using any capital letters or paragraph returns and your post is difficult to read.

• I am having trouble activating my one to one membership, any suggestions?

  I am having trouble activating my One to One membership, any suggestions?

  Hello,
  Try Apple's Express Lane...
  https://expresslane.apple.com/

• I'm running Windows XP and FF 8.0. I'm having more trouble than ever with intermittent streaming and videos not playing all the way through. What is the easiest way to fix this?

  . I'm running Windows XP and FF 8.0. I'm having more trouble than ever with intermittent streaming and videos not playing all the way through. What is the easiest way to fix this?

  That may be a problem with the VLC plugin. VLC has never worked for me properly on the occasions that I've tried it on Windows and Linux, so I have stop using it. There are usually other plugins or media players available that work better.
  What kind of media files are that?
  For WMP files you can install the new Windows Media Player plugin you can also try RealPlayer and QuickTime if it is about media that those programs can handle to see if that works better.
  * https://support.mozilla.com/kb/Using+the+Windows+Media+Player+plugin+with+Firefox
  * http://kb.mozillazine.org/Windows_Media_Player#Missing_plugin
  * http://www.interoperabilitybridges.com/windows-media-player-firefox-plugin-download