SSL implementation in IWS 6.0 ---(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA

Similar Messages

• JSSE SSL implementation on WLS 10.3.6

  Hello.
  We are migrating from WLS 10.3.3 to 10.3.6 and I saw in DOC [1] the following note [1]:
  "+Support for the Certicom SSL implementation is deprecated and will eventually be removed. For this purpose, this release of WebLogic Server continues to support the Certicom SSLPlus Java version 4.0 SSL implementation.+"
  Is there other known advices/advantages in using JSSE instead Certicom implementation for SSL on WLS? Something like performance or new features?
  Is there some known side effect when changing certicom to jsse on production env?
  [1] http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm#BABEFCIA
  Thanks.

  Tuelho wrote:
  Hello.
  We are migrating from WLS 10.3.3 to 10.3.6 and I saw in DOC [1] the following note [1]:
  "+Support for the Certicom SSL implementation is deprecated and will eventually be removed. For this purpose, this release of WebLogic Server continues to support the Certicom SSLPlus Java version 4.0 SSL implementation.+"
  Is there other known advices/advantages in using JSSE instead Certicom implementation for SSL on WLS? Something like performance or new features?
  All the new cryptos available in latest java will be available through JSSE, so if you need longer keys or newer/more secure cryptos, then JSSE is the way to go, but of course some things that were hardcoded to use Certicom SSL will break.

• Message send failed: SSL implementation not available

  Objective: to Jdev version 10.1.3 generate a client proxy for a given URL / wsdl and deploy to Oracle 10q
  for use in PL \ SQL package. The problem it is necessary to establish an SSL connection.
  After generating the client created AgentConnectClient class
  / / SSL
  System.setProperty("ssl.SocketFactory.provider","oracle.security.ssl.OracleSSLSocketFactoryImpl");
  System.setProperty("ssl.ServerSocketFactory.provider","oracle.security.ssl.OracleSSLServerSocketFactoryImpl");
  System.setProperty("java.protocol.handler.pkgs","HTTPClient");
  System.setProperty ("oracle.wallet.location", "/ etc / ORACLE / WALLETS / oracle");
  System.setProperty ("oracle.wallet.password", "passw");
  / / Client
  c = new AgentConnectClient ();
  / / end_point = "https:// ....";
  c.setEndpoint (end_point);
  CityListRequest requst = new CityListRequest ();
  CityListResponse response = new CityListResponse ();
  requst.setTimeStamp (Calendar.getInstance ());
  requst.setApiVersion (apiVersion);
  requst.setMaxRowsToReturn (new BigInteger (maxRowsToReturn.toString ()));
  / / request - response
  response = c.cityList (requst);
  Here there is a bug
  ; Nested exception is:
  HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: SSL implementation not available
  Can anyone help, any ideas welcome - thank you.
  Edited by: tyoma on Oct 6, 2011 6:52 PM

  I also have that error for days and still no answer from java people here. I don't think they don't know really what they are talking about even people from sun don't know how to solve this problem.

• Https unsupported: SSL implementation?

  Hi there,
  II have a web service client that connects to a WLS 8.1.5 server
  through SSL. In fact I have two servers with the same .ear file. I can
  browse to the test pages for the web services on both servers.
  Connecting with the client to one server works perfectly. But
  connecting to the other server gives me the following error.
  java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  Detail:
  <detail>
  <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.io.IOException: https unsupported: SSL implementation not available or not c
  onfigured correctly.
  at weblogic.webservice.client.NullSSLAdapter.createSocket(NullSSLAdapter.java:27)
  at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:44)
  at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:62)
  at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:177)
  at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:37)
  at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
  at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
  at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
  at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
  at com.te.tee.command.CommandBase.execute(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
  at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
  at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)
  </bea_fault:stacktrace>
  </detail>; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:551)
  at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
  at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
  at com.te.tee.command.CommandBase.execute(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
  at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
  at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)
  Caused by: javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:314)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
  ... 8 more
  The client reads the servers URL from a property file. The only thing
  that changes, when I modifiy a client to communicate with the other
  server, is the property file. Since to client hardly changes one would
  think that this problem is due to some incorrect configuration of one
  server. But NullSSLAdapter.createSocket(), where the exception
  originates, is on the client. So as far as I can tell the client never
  connects with the server. If so, the problem can't be on the server
  either. This is realy strange!
  Has anyone seen anything like this before, or have any idea, any at
  all, what the cause could be?
  Regars

  Hi there,
  II have a web service client that connects to a WLS 8.1.5 server
  through SSL. In fact I have two servers with the same .ear file. I can
  browse to the test pages for the web services on both servers.
  Connecting with the client to one server works perfectly. But
  connecting to the other server gives me the following error.
  java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  Detail:
  <detail>
  <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.io.IOException: https unsupported: SSL implementation not available or not c
  onfigured correctly.
  at weblogic.webservice.client.NullSSLAdapter.createSocket(NullSSLAdapter.java:27)
  at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:44)
  at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:62)
  at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:177)
  at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:37)
  at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
  at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
  at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
  at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
  at com.te.tee.command.CommandBase.execute(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
  at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
  at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)
  </bea_fault:stacktrace>
  </detail>; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:551)
  at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
  at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
  at com.te.tee.command.CommandBase.execute(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
  at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
  at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
  at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)
  Caused by: javax.xml.rpc.soap.SOAPFaultException: Failed to send request
  at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:314)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
  ... 8 more
  The client reads the servers URL from a property file. The only thing
  that changes, when I modifiy a client to communicate with the other
  server, is the property file. Since to client hardly changes one would
  think that this problem is due to some incorrect configuration of one
  server. But NullSSLAdapter.createSocket(), where the exception
  originates, is on the client. So as far as I can tell the client never
  connects with the server. If so, the problem can't be on the server
  either. This is realy strange!
  Has anyone seen anything like this before, or have any idea, any at
  all, what the cause could be?
  Regars

• SSL Implementation

  Hi all
  I've attempted to make a secure connection between my tomcat server and my Ipaq(running jeode) using Suns JSSE extension. I have seen that JSSE is compatible with this runtime but I keep encountering the error "SSL implementation not available". I have created an entry in the java.security class for the provider com.sun.net.ssl.internal.ssl.Provider, I have also attempted to add the provider dynamically by calling
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  Followed by setting protocol for handling SSL based connecting
  System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
  I have noted from a forum message that the problem could be due to the truststore, although I have given a reference to truststore and the password in my class:
       System.getProperties().put("javax.net.ssl.trustStore", "Client\\clienttruststore");
       System.getProperties().put("javax.net.ssl.trustStoreType", "JCEKS");
       System.getProperties().put("javax.net.ssl.trustStorePassword", "PASSWORD");
  I really can't see what else I'm missing, perhaps the truststore or the JSSE jars need to be held in a particular location on my Ipaq?? Any comments would be appreciated as this has already eaten alot of time, TIA
  Tony

  Thanks for the reply Eric but having tried your suggestion I'm still getting the same error. No matter whether I define these variables on the command line or by making calls to the System within my app it still results in the "SSL implementation not available" error. I have expanded this stack trace using the jsse debug features and what I am getting seems to indicate that there is not a problem with the truststore but with the keystore.
  keystore is:
  keystore type is: jks
  init keystore
  default context init failed:
  java.security.PrivilegedActionException
  java.net.SocketException: SSL implementation not available
  However when I run the same client on my desktop machine running jdk1.4.1, again with the debug set to 'all' the trace shows the following:
  keyStore is :
  keyStore type is : jks
  init keystore
  init keymanager of type SunX509
  So on my desktop the keystore is being initialised but on the ipaq it is failing? any suggestions??
  Thanks again
  Tony

• SSL implementation on portal development

  Hi, All
  I have implemented SSL on QA using the standard port 443 and it is working fine.I did the same SSL implementation on portal development using the same port 443 and it doesn't work.When I call up the https url from IE for my portal development it seems like it's not connecting it just stays blank and it is not displaying anything.
  However when I change the port to 50001 it works fine nad everything on the web page is displayed but I want it to work on the standard port 443.Please help on rectifying this or any Ideas on how to solve this.
  Thank you

  You need to change the http provider service on your DEV portal dispatcher to use port 443 instead of 50001.
  Also, make sure there are no other web servers using that portal number on the same host as the DEV portal.
  Cheers
  Message was edited by:
          Michael Nicholls

• RE: SSL implementation not available (Https)

  I tried to use https from within a jsp with WLS 5.1
  using Suns JSSE but at least all i could produce
  was an SSL implementation not available exception.
  After converting the jsp to an application
  i get an:
  java.net.SocketException: Socket closed
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a
  Classpath and other installment procedures are the same,
  so i guess it has to do with wl environment.
  Besides:
  Does some support stuff read and care about this stuff?
  Or even anybody else?
  Bye, K

  You mean HTTPS from WLS to somewhere else?
  On your weblogic.policy file, add the following permissions ( the last
  two permissions shown below ):
  grant {
  // Permission "enableSubstitution" needed to run the WebLogic console
  permission java.io.SerializablePermission "enableSubstitution";
  // Permission "modifyThreadGroup" required to run the WebLogic Server
  < .... snip ..... >
  permission java.util.PropertyPermission "javax.net.ssl.trustStore",
  "read,write";
  permission java.util.PropertyPermission
  "java.protocol.handler.pkgs", "read,write";
  Then either dynamically or statically add the providers. I prefer the
  dynamic method:
  Security.addProvider(new sun.security.provider.Sun());
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  Finally, enable HTTS:
  System.setProperty( "java.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol" );
  One more note. You can simply put all the jar files of JSSE within your
  WEB-INF/lib directory. No need to modify any CLASSPATH or any
  environment variables.
  John Salvo
  Klaas wrote:
  I tried to use https from within a jsp with WLS 5.1
  using Suns JSSE but at least all i could produce
  was an SSL implementation not available exception.
  After converting the jsp to an application
  i get an:
  java.net.SocketException: Socket closed
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a
  Classpath and other installment procedures are the same,
  so i guess it has to do with wl environment.
  Besides:
  Does some support stuff read and care about this stuff?
  Or even anybody else?
  Bye, K

• SSL Implementation not available

  I am using JSSE1.0.2 and I am trying to create a URLConnection to a HTTPS Site. When I compile the application it throws an IO Exception that returns "SSL implementation not available". So far I have added the reference to the Security Provider in the java.security file, regenerated my keystore. Any Ideas?
  What I am trying to accomplish is a connection to a secured site and get the Response Code....sounds simple enough eh?

  you need to download a package for ssl support (jsse).
  follow the installation instructions( that will include how to make keys), and watch the examples, to see how to work with ssl sockets.

• SSL implementation not available ... Help!

  Using WLS 7.0 SP2 on HP-UX and when attempting to establish an outoing SSL connection
  I receive an "SSL implementation not available" exception.
  In the International version of WLS 7.0 I am able to establish the SSL connection,
  but when the same application is loaded into the same version of the Domestic
  WLS, it produces the exception.
  Usually I expect that exception when there is no appropriate CSP (Cryptographic
  Service Provider) entry in JAVA_HOME/jre/lib/security/java.security? How does
  one configure a Third Party CSP (Cryptographic Service Provider) for use in WLS?
  I am trying to use the Sun CSP.
  The code snippet that works on International WLS but not in Domestic WLS is below:
  String target = "https://localhost/testApp/NotificationServlet";
  URLConnection urlc = null;
  URL targetWebService;
  // load input file
  // Construct the URL using the HTTPS URL stream handler
  targetWebService = new URL(null, target, new Handler());
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  urlc = targetWebService.openConnection();
  urlc.setRequestProperty("Content-Type" , "text/xml" ) ;
  ((HttpURLConnection)urlc).setRequestMethod("POST") ; // It's a post request
  urlc.setDoOutput(true);
  urlc.setDoInput(true);
  OutputStream os = urlc.getOutputStream() ;
  os.write ( buf ) ;
  os.flush() ;
  os.close() ;
  } catch (IOException ioex) {
  System.out.println("PBM_APPLICATION_0252 Unable to connect to " + target
  + " " + ioex.getMessage());
  } catch (Exception ex) {
  System.out.println("PBM_APPLICATION_0252 Unable to connect to " + target
  + " " + ex.getMessage());
  Thanks.

  In 7.0 SSL implementation used by weblogic tries to use JCE provider before defaulting
  to its own. So, you should be able to make it use Sun's provider by moving it
  in front in java.security file, or doing the same through api. In any case, even
  when no JCE provider is configured, it should not fail. One of the reasons it
  could fail, though, is if you do not have proper SSL license (i.e. trying to do
  domestic strength encryption while having export license), but I think the error
  message would be different in this case.
  Are you passing weblogic.net.https.Handler to URL constructor? If yes, you can
  try to set ssl debug flags on to get more info about the failure: -Dssl.debug=true
  -Dweblogic.StdoutDebugEnabled=true
  Pavel.
  "L Selleck" <[email protected]> wrote:
  >
  Using WLS 7.0 SP2 on HP-UX and when attempting to establish an outoing
  SSL connection
  I receive an "SSL implementation not available" exception.
  In the International version of WLS 7.0 I am able to establish the SSL
  connection,
  but when the same application is loaded into the same version of the
  Domestic
  WLS, it produces the exception.
  Usually I expect that exception when there is no appropriate CSP (Cryptographic
  Service Provider) entry in JAVA_HOME/jre/lib/security/java.security?
  How does
  one configure a Third Party CSP (Cryptographic Service Provider) for
  use in WLS?
  I am trying to use the Sun CSP.
  The code snippet that works on International WLS but not in Domestic
  WLS is below:
  String target = "https://localhost/testApp/NotificationServlet";
  URLConnection urlc = null;
  URL targetWebService;
  // load input file
  // Construct the URL using the HTTPS URL stream handler
  targetWebService = new URL(null, target, new Handler());
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  urlc = targetWebService.openConnection();
  urlc.setRequestProperty("Content-Type" , "text/xml" ) ;
  ((HttpURLConnection)urlc).setRequestMethod("POST") ; // It's a
  post request
  urlc.setDoOutput(true);
  urlc.setDoInput(true);
  OutputStream os = urlc.getOutputStream() ;
  os.write ( buf ) ;
  os.flush() ;
  os.close() ;
  } catch (IOException ioex) {
  System.out.println("PBM_APPLICATION_0252 Unable to connect
  to " + target
  + " " + ioex.getMessage());
  } catch (Exception ex) {
  System.out.println("PBM_APPLICATION_0252 Unable to connect
  to " + target
  + " " + ex.getMessage());
  Thanks.

• SocketException: SSL implementation not available

  Anyone every see this error? I have the three JSSE1.0.2 jar files in my classpath. Anyone know what I'm missing to get this error? I also get the same error running the Sample SSLSocketClient that comes with JSSE1.0.2

  even i am trying to invoke a servlet through java Client
  using an "https" protcol.i am using jsse 1.0.2 .i got all the three jar files installed in my classpath and my code all contains
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
       System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
       System.setProperty("javax.net.ssl.trustStore","d:\\certificate");
  where d:\\certificate is the path where i have my client side certificate
  but i am getting the Error
  keyStore is :
  keyStore type is : jks
  init keystore
  init keymanager of type SunX509
  trustStore is: d:\certificate
  trustStore type is : jks
  default context init failed: java.security.PrivilegedActionException <<java.io.FileNotFoundExcepti
  on: d:\certificate (Access is denied)>>
  java.net.SocketException: SSL implementation not available
  at javax.net.ssl.DefaultSSLSocketFactory.createSocket([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198
  at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120
  198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-1
  20198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getOutputStream([DashoPr
  o-V1.2-120198])
  at JavaClient.main(JavaClient.java:57)
  can anybody help me out.
  I thank you guys for your help in advanced,
  Taimina

• SSL implementation not available on WebSphere 4.0

  I am hitting a wall. I am trying to make an https connection from my servlet code on WebSphere 4.0 to another server. I've installed the jsse as an extension into the java/jre/lib/ext in the websphere directory. I've updated the java.security to the following:
  security.provider.1=sun.security.provider.Sun
  security.provider.2=com.sun.net.ssl.internal.ssl.Provider
  security.provider.3=com.ibm.crypto.provider.IBMJCE
  security.provider.4=com.ibm.jsse.JSSEProvider
  I have my cacerts configured with the cert for the other system imported. This is killing me because it works without a problem on ServletExec. The stack trace follows...
  java.net.SocketException: SSL implementation not available at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getOutputStream([DashoPro-V1.2-120198]) at testjsp_9._jspService(_test_jsp_9.java:100) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.ibm.servlet.dynacache.CacheHook.handleFragment(CacheHook.java:245) at com.ibm.servlet.dynacache.CacheHook.handleServlet(CacheHook.java:89) at com.ibm.servlet.dynacache.CacheManager.handleServlet(CacheManager.java:223) at org.apache.jasper.runtime.JspServlet$JspServletWrapper.service(JspServlet.java:299) at org.apache.jasper.runtime.JspServlet.serviceJspFile(JspServlet.java:445) at org.apache.jasper.runtime.JspServlet.service(JspServlet.java:579) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(ServletManager.java:827) at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(StrictLifecycleServlet.java:167) at com.ibm.servlet.engine.webapp.IdleServletState.service(StrictLifecycleServlet.java:297) at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(StrictLifecycleServlet.java:110) at com.ibm.servlet.engine.webapp.ServletInstance.service(ServletManager.java:472) at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(ServletManager.java:1012) at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(ServletManager.java:913) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java:665) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:331) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:117) at com.ibm.servlet.engine.srt.WebAppInvoker.doForward(WebAppInvoker.java:124) at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:218) at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:67) at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:122) at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(OSEListener.java:315) at com.ibm.servlet.engine.http11.HttpConnection.handleRequest(HttpConnection.java:60) at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:323) at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:252) at com.ibm.ws.util.CachedThread.run(ThreadPool.java:137)

  I think my problem is with the keystore/truststore....
  previous postings made it sound like you could do this programatically by pointing to truststore rather than adding certs to cacerts with keytool? In this case I a just running a main pgm from wsad-ide.
  Oh yeah, we are behind a firewall and use a proxy-server to get out. the settings provided were gotten from ie:tools:options:connections tab, lan settings; I am not sure if that is what is supposed to be supplied for https:proxyport and https:proxyhost parms.
  (I get the dreaded "untrusted server cert chain")
  thanks in advance for any help.
  -Rick V.
  public static void performTaskTest() {
  StringBuffer outXML = null;
  StringBuffer url = null;
  String responseString = null;
  StringBuffer responseSB = new StringBuffer();
  java.net.URL urlClass = null;
  com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection urlConn = null;
  java.io.DataOutputStream printout = null;
  java.io.DataInputStream input = null;
  try {
       responseSB = new StringBuffer();
       outXML = new StringBuffer();
       url = new StringBuffer();
       url.append("https://blah.com/blahServlet");
       System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
       Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
       System.getProperties().put( "https.proxyHost", "www-proxy.myco.com" );
       System.getProperties().put( "https.proxyPort", "80" );
       System.setProperty("javax.net.ssl.trustStore","C:\\Program Files\\IBM\\Application Developer\\jre\\lib\\security\\cacerts");
       System.setProperty("javax.net.ssl.keyStorePassword","changeit");
       urlClass = new java.net.URL(url.toString());
       urlConn = (com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection) urlClass.openConnection();
       urlConn.setDoInput(true);
       urlConn.setDoOutput(true);
       urlConn.setUseCaches(false);
       urlConn.setRequestMethod("POST");
       urlConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
       printout = new java.io.DataOutputStream(urlConn.getOutputStream());
       StringBuffer content = new StringBuffer();
       content.append("?");
       content.append("&");
       content.append("XMLData");
       content.append("=");
       content.append(java.net.URLEncoder.encode("aaaaaaaaaa"));
       printout.writeBytes(content.toString());
       printout.flush();
       printout.close();
       java.io.BufferedReader outXMLBR =
                 new java.io.BufferedReader(
                      new java.io.InputStreamReader(urlConn.getInputStream()));
       String str;
       while (null != ((str = outXMLBR.readLine()))) {
            responseSB.append(str);
       outXMLBR.close();
            // the result!!!!
       System.out.println(responseSB);
  } catch (Throwable e) {
       System.out.println(e.getMessage());

• Getting standard Java SSL implementation to work with Weblogic

  JDK 1.3.1
  Weblogic 7.03
  I need to allow for code within my WLS application to act as a SSL client to a remote Web service.
  For standalone (non-WLS) code, I am using the standard Sun provided SSL implementation libraries (using jsse.jar, jcert.jar, and jnet.jar place in JRE_HOME/lib/ext), along with the appropriate changes to the JRE_HOME/lib/security/java.security file (security.provider.3=com.sun.net.ssl.internal.ssl.Provider) and the -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol setting on the Java command line. That works fine.
  However, if I attempt to provide the -D option on my Weblogic server Java command line, it gives me an out of memory error. My thinking was that the settings for the JRE would work but they don't seem to.
  My question is how does one set up Weblogic server apps. to successfully act as SSL clients in a static way via configuration files? Can this only be done dynamically?
  Thanks,
  Wes

  JDK 1.3.1
  Weblogic 7.03
  I need to allow for code within my WLS application to act as a SSL client to a remote Web service.
  For standalone (non-WLS) code, I am using the standard Sun provided SSL implementation libraries (using jsse.jar, jcert.jar, and jnet.jar place in JRE_HOME/lib/ext), along with the appropriate changes to the JRE_HOME/lib/security/java.security file (security.provider.3=com.sun.net.ssl.internal.ssl.Provider) and the -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol setting on the Java command line. That works fine.
  However, if I attempt to provide the -D option on my Weblogic server Java command line, it gives me an out of memory error. My thinking was that the settings for the JRE would work but they don't seem to.
  My question is how does one set up Weblogic server apps. to successfully act as SSL clients in a static way via configuration files? Can this only be done dynamically?
  Thanks,
  Wes

• Secured webservice java net socketexception ssl implementation not avail

  Hi all,
  i am trying to call a secured webservice (which has authentication and trusted certificate) from plsql by using a java stub generated using JDeveloper 10.1.
  I called the java method using a wrapper procedure for the java class in plsql.
  While trying to call the webservice i am gettting the following exception
  SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.net.SocketException: SSL >>implementation not available; targetException=java.lang.IllegalArgumentException: Error opening socket: >>java.net.SocketException: SSL implementation not available
  *** 2010-02-06 18:32:14.155
  at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:436)
  at org.apache.soap.messaging.Message.send(Message.java:125)
  The problem happens only when i call a secured webservice, whereas i can able to call the certificate less common webservices. Please provide a way to proceed.
  Thanks,
  Ramesh.R

  The name of this forum is "Database - General" not "Java and SOAP and stuff"
  Please change the subject to "Please Ignore" and post in the correct Java group.
  Thank you.

• SSL implementation on iplanet web server 6.0

  Hi,
  we've successfully implemented verisign SSL certificate on iplanet web server 6.0 and we have configured the a parent directory to non-ssl class and the a sub directory to the ssl-class. when we tried to run a JSP page, we are getting an error that the page is not found.
  if both are configured for the same directory (ie.. the parent directory then its working fine)....
  can anybody tell me what went wrong with the implementation...
  thanks in advance,
  regards
  Ramachandran

  How did you configure one directory use ssl and another director not? Are you using only one listener?
  I would like to configure my iws to work like this:
  a directory like server/app uses ssl3
  another directory like server/appler uses ssl3 without client authentication. Important: I�m not able to create another listener. I must use listerners already created.

• How do I use an SSL Accelerator with iWS 6?

  I have an application that uses iWS 6 sp2 and iAS 6 sp4. The web server exposes a https port. I can get this port to work fine with a certificate requested against the internal module. When I use the module supplied by the SSL accelerator (Sun Crypto Accelerator 1) I can install and view a certificate, but I cannot start the web server. I get the following error in my logs:
  [18/Mar/2002:15:57:17] failure ( 2820): Invalid configuration: File /usr/local/iplanet/servers/https-www.exsel.org.uk/config/server.xml, line 22, column 390: SEC_ERROR_BAD_DER - Certificate is improperly DER encoded : unable to find certificate Server-Cert
  I can see a certificate by this name in the cerfticate database for the additional module. I can view it and it looks good (I'm generating my own certificates at the moment - so I know that the internal and external certificates were generated in the same way).
  Has anyone any experience of using this combination of things?

  I think you are getting your certificates crossed up some how. "Server-Cert" is normally the name of the internal certificate. See what the name of the one installed on your accelerator is and change the name in server.xml to match that. Be sure to backup up all your files first!