SSL Implementation

Hi all
I've attempted to make a secure connection between my tomcat server and my Ipaq(running jeode) using Suns JSSE extension. I have seen that JSSE is compatible with this runtime but I keep encountering the error "SSL implementation not available". I have created an entry in the java.security class for the provider com.sun.net.ssl.internal.ssl.Provider, I have also attempted to add the provider dynamically by calling
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
Followed by setting protocol for handling SSL based connecting
System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
I have noted from a forum message that the problem could be due to the truststore, although I have given a reference to truststore and the password in my class:
     System.getProperties().put("javax.net.ssl.trustStore", "Client\\clienttruststore");
     System.getProperties().put("javax.net.ssl.trustStoreType", "JCEKS");
     System.getProperties().put("javax.net.ssl.trustStorePassword", "PASSWORD");
I really can't see what else I'm missing, perhaps the truststore or the JSSE jars need to be held in a particular location on my Ipaq?? Any comments would be appreciated as this has already eaten alot of time, TIA
Tony

Thanks for the reply Eric but having tried your suggestion I'm still getting the same error. No matter whether I define these variables on the command line or by making calls to the System within my app it still results in the "SSL implementation not available" error. I have expanded this stack trace using the jsse debug features and what I am getting seems to indicate that there is not a problem with the truststore but with the keystore.
keystore is:
keystore type is: jks
init keystore
default context init failed:
java.security.PrivilegedActionException
java.net.SocketException: SSL implementation not available
However when I run the same client on my desktop machine running jdk1.4.1, again with the debug set to 'all' the trace shows the following:
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
So on my desktop the keystore is being initialised but on the ipaq it is failing? any suggestions??
Thanks again
Tony

Similar Messages

JSSE SSL implementation on WLS 10.3.6

Hello.
We are migrating from WLS 10.3.3 to 10.3.6 and I saw in DOC [1] the following note [1]:
"+Support for the Certicom SSL implementation is deprecated and will eventually be removed. For this purpose, this release of WebLogic Server continues to support the Certicom SSLPlus Java version 4.0 SSL implementation.+"
Is there other known advices/advantages in using JSSE instead Certicom implementation for SSL on WLS? Something like performance or new features?
Is there some known side effect when changing certicom to jsse on production env?
[1] http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm#BABEFCIA
Thanks.

Tuelho wrote:
Hello.
We are migrating from WLS 10.3.3 to 10.3.6 and I saw in DOC [1] the following note [1]:
"+Support for the Certicom SSL implementation is deprecated and will eventually be removed. For this purpose, this release of WebLogic Server continues to support the Certicom SSLPlus Java version 4.0 SSL implementation.+"
Is there other known advices/advantages in using JSSE instead Certicom implementation for SSL on WLS? Something like performance or new features?
All the new cryptos available in latest java will be available through JSSE, so if you need longer keys or newer/more secure cryptos, then JSSE is the way to go, but of course some things that were hardcoded to use Certicom SSL will break.

Message send failed: SSL implementation not available

Objective: to Jdev version 10.1.3 generate a client proxy for a given URL / wsdl and deploy to Oracle 10q
for use in PL \ SQL package. The problem it is necessary to establish an SSL connection.
After generating the client created AgentConnectClient class
/ / SSL
System.setProperty("ssl.SocketFactory.provider","oracle.security.ssl.OracleSSLSocketFactoryImpl");
System.setProperty("ssl.ServerSocketFactory.provider","oracle.security.ssl.OracleSSLServerSocketFactoryImpl");
System.setProperty("java.protocol.handler.pkgs","HTTPClient");
System.setProperty ("oracle.wallet.location", "/ etc / ORACLE / WALLETS / oracle");
System.setProperty ("oracle.wallet.password", "passw");
/ / Client
c = new AgentConnectClient ();
/ / end_point = "https:// ....";
c.setEndpoint (end_point);
CityListRequest requst = new CityListRequest ();
CityListResponse response = new CityListResponse ();
requst.setTimeStamp (Calendar.getInstance ());
requst.setApiVersion (apiVersion);
requst.setMaxRowsToReturn (new BigInteger (maxRowsToReturn.toString ()));
/ / request - response
response = c.cityList (requst);
Here there is a bug
; Nested exception is:
HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: SSL implementation not available
Can anyone help, any ideas welcome - thank you.
Edited by: tyoma on Oct 6, 2011 6:52 PM

I also have that error for days and still no answer from java people here. I don't think they don't know really what they are talking about even people from sun don't know how to solve this problem.

Https unsupported: SSL implementation?

Hi there,
II have a web service client that connects to a WLS 8.1.5 server
through SSL. In fact I have two servers with the same .ear file. I can
browse to the test pages for the web services on both servers.
Connecting with the client to one server works perfectly. But
connecting to the other server gives me the following error.
java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Failed to send request
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.io.IOException: https unsupported: SSL implementation not available or not c
onfigured correctly.
at weblogic.webservice.client.NullSSLAdapter.createSocket(NullSSLAdapter.java:27)
at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:44)
at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:62)
at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:177)
at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:37)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
at com.te.tee.command.CommandBase.execute(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Failed to send request
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:551)
at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
at com.te.tee.command.CommandBase.execute(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.xml.rpc.soap.SOAPFaultException: Failed to send request
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:314)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
... 8 more
The client reads the servers URL from a property file. The only thing
that changes, when I modifiy a client to communicate with the other
server, is the property file. Since to client hardly changes one would
think that this problem is due to some incorrect configuration of one
server. But NullSSLAdapter.createSocket(), where the exception
originates, is on the client. So as far as I can tell the client never
connects with the server. If so, the problem can't be on the server
either. This is realy strange!
Has anyone seen anything like this before, or have any idea, any at
all, what the cause could be?
Regars

Hi there,
II have a web service client that connects to a WLS 8.1.5 server
through SSL. In fact I have two servers with the same .ear file. I can
browse to the test pages for the web services on both servers.
Connecting with the client to one server works perfectly. But
connecting to the other server gives me the following error.
java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Failed to send request
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.io.IOException: https unsupported: SSL implementation not available or not c
onfigured correctly.
at weblogic.webservice.client.NullSSLAdapter.createSocket(NullSSLAdapter.java:27)
at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:44)
at weblogic.webservice.binding.https.HttpsClientBinding.createSocket(HttpsClientBinding.java:62)
at weblogic.webservice.binding.soap.HttpClientBinding.send(HttpClientBinding.java:177)
at weblogic.webservice.core.handler.ClientHandler.handleRequest(ClientHandler.java:37)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
at com.te.tee.command.CommandBase.execute(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Failed to send request
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:551)
at com.te.myapp.generic.command.MyappCommonFacadeProxy.listMunicipals(MyappCommonFacadeProxy.java:251)
at com.te.myapp.generic.command.ListMunicipalsCommand.performExecute(ListMunicipalsCommand.java:50)
at com.te.tee.command.CommandBase.execute(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.executeCommand(Unknown Source)
at com.te.tee.client.application.communication.CfCommandCommunication.doSend(Unknown Source)
at com.te.tee.client.application.communication.CfAbstractCommunication.executeRequest(Unknown Source)
at com.te.tee.client.application.communication.CfRequestQueue.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.xml.rpc.soap.SOAPFaultException: Failed to send request
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:314)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.te.myapp.generic.command.wsclient.MyappCommonFacadePort_Stub.listMunicipals(MyappCommonFacadePort_Stub.java:543)
... 8 more
The client reads the servers URL from a property file. The only thing
that changes, when I modifiy a client to communicate with the other
server, is the property file. Since to client hardly changes one would
think that this problem is due to some incorrect configuration of one
server. But NullSSLAdapter.createSocket(), where the exception
originates, is on the client. So as far as I can tell the client never
connects with the server. If so, the problem can't be on the server
either. This is realy strange!
Has anyone seen anything like this before, or have any idea, any at
all, what the cause could be?
Regars

SSL implementation on portal development

Hi, All
I have implemented SSL on QA using the standard port 443 and it is working fine.I did the same SSL implementation on portal development using the same port 443 and it doesn't work.When I call up the https url from IE for my portal development it seems like it's not connecting it just stays blank and it is not displaying anything.
However when I change the port to 50001 it works fine nad everything on the web page is displayed but I want it to work on the standard port 443.Please help on rectifying this or any Ideas on how to solve this.
Thank you

You need to change the http provider service on your DEV portal dispatcher to use port 443 instead of 50001.
Also, make sure there are no other web servers using that portal number on the same host as the DEV portal.
Cheers
Message was edited by:
Michael Nicholls

RE: SSL implementation not available (Https)

I tried to use https from within a jsp with WLS 5.1
using Suns JSSE but at least all i could produce
was an SSL implementation not available exception.
After converting the jsp to an application
i get an:
java.net.SocketException: Socket closed
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a
Classpath and other installment procedures are the same,
so i guess it has to do with wl environment.
Besides:
Does some support stuff read and care about this stuff?
Or even anybody else?
Bye, K

You mean HTTPS from WLS to somewhere else?
On your weblogic.policy file, add the following permissions ( the last
two permissions shown below ):
grant {
// Permission "enableSubstitution" needed to run the WebLogic console
permission java.io.SerializablePermission "enableSubstitution";
// Permission "modifyThreadGroup" required to run the WebLogic Server
< .... snip ..... >
permission java.util.PropertyPermission "javax.net.ssl.trustStore",
"read,write";
permission java.util.PropertyPermission
"java.protocol.handler.pkgs", "read,write";
Then either dynamically or statically add the providers. I prefer the
dynamic method:
Security.addProvider(new sun.security.provider.Sun());
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
Finally, enable HTTS:
System.setProperty( "java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol" );
One more note. You can simply put all the jar files of JSSE within your
WEB-INF/lib directory. No need to modify any CLASSPATH or any
environment variables.
John Salvo
Klaas wrote:
I tried to use https from within a jsp with WLS 5.1
using Suns JSSE but at least all i could produce
was an SSL implementation not available exception.
After converting the jsp to an application
i get an:
java.net.SocketException: Socket closed
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a
Classpath and other installment procedures are the same,
so i guess it has to do with wl environment.
Besides:
Does some support stuff read and care about this stuff?
Or even anybody else?
Bye, K

SSL Implementation not available

I am using JSSE1.0.2 and I am trying to create a URLConnection to a HTTPS Site. When I compile the application it throws an IO Exception that returns "SSL implementation not available". So far I have added the reference to the Security Provider in the java.security file, regenerated my keystore. Any Ideas?
What I am trying to accomplish is a connection to a secured site and get the Response Code....sounds simple enough eh?

you need to download a package for ssl support (jsse).
follow the installation instructions( that will include how to make keys), and watch the examples, to see how to work with ssl sockets.

SSL implementation not available ... Help!

Using WLS 7.0 SP2 on HP-UX and when attempting to establish an outoing SSL connection
I receive an "SSL implementation not available" exception.
In the International version of WLS 7.0 I am able to establish the SSL connection,
but when the same application is loaded into the same version of the Domestic
WLS, it produces the exception.
Usually I expect that exception when there is no appropriate CSP (Cryptographic
Service Provider) entry in JAVA_HOME/jre/lib/security/java.security? How does
one configure a Third Party CSP (Cryptographic Service Provider) for use in WLS?
I am trying to use the Sun CSP.
The code snippet that works on International WLS but not in Domestic WLS is below:
String target = "https://localhost/testApp/NotificationServlet";
URLConnection urlc = null;
URL targetWebService;
// load input file
// Construct the URL using the HTTPS URL stream handler
targetWebService = new URL(null, target, new Handler());
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
urlc = targetWebService.openConnection();
urlc.setRequestProperty("Content-Type" , "text/xml" ) ;
((HttpURLConnection)urlc).setRequestMethod("POST") ; // It's a post request
urlc.setDoOutput(true);
urlc.setDoInput(true);
OutputStream os = urlc.getOutputStream() ;
os.write ( buf ) ;
os.flush() ;
os.close() ;
} catch (IOException ioex) {
System.out.println("PBM_APPLICATION_0252 Unable to connect to " + target
+ " " + ioex.getMessage());
} catch (Exception ex) {
System.out.println("PBM_APPLICATION_0252 Unable to connect to " + target
+ " " + ex.getMessage());
Thanks.

In 7.0 SSL implementation used by weblogic tries to use JCE provider before defaulting
to its own. So, you should be able to make it use Sun's provider by moving it
in front in java.security file, or doing the same through api. In any case, even
when no JCE provider is configured, it should not fail. One of the reasons it
could fail, though, is if you do not have proper SSL license (i.e. trying to do
domestic strength encryption while having export license), but I think the error
message would be different in this case.
Are you passing weblogic.net.https.Handler to URL constructor? If yes, you can
try to set ssl debug flags on to get more info about the failure: -Dssl.debug=true
-Dweblogic.StdoutDebugEnabled=true
Pavel.
"L Selleck" <[email protected]> wrote:
>
Using WLS 7.0 SP2 on HP-UX and when attempting to establish an outoing
SSL connection
I receive an "SSL implementation not available" exception.
In the International version of WLS 7.0 I am able to establish the SSL
connection,
but when the same application is loaded into the same version of the
Domestic
WLS, it produces the exception.
Usually I expect that exception when there is no appropriate CSP (Cryptographic
Service Provider) entry in JAVA_HOME/jre/lib/security/java.security?
How does
one configure a Third Party CSP (Cryptographic Service Provider) for
use in WLS?
I am trying to use the Sun CSP.
The code snippet that works on International WLS but not in Domestic
WLS is below:
String target = "https://localhost/testApp/NotificationServlet";
URLConnection urlc = null;
URL targetWebService;
// load input file
// Construct the URL using the HTTPS URL stream handler
targetWebService = new URL(null, target, new Handler());
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
urlc = targetWebService.openConnection();
urlc.setRequestProperty("Content-Type" , "text/xml" ) ;
((HttpURLConnection)urlc).setRequestMethod("POST") ; // It's a
post request
urlc.setDoOutput(true);
urlc.setDoInput(true);
OutputStream os = urlc.getOutputStream() ;
os.write ( buf ) ;
os.flush() ;
os.close() ;
} catch (IOException ioex) {
System.out.println("PBM_APPLICATION_0252 Unable to connect
to " + target
+ " " + ioex.getMessage());
} catch (Exception ex) {
System.out.println("PBM_APPLICATION_0252 Unable to connect
to " + target
+ " " + ex.getMessage());
Thanks.

SocketException: SSL implementation not available

Anyone every see this error? I have the three JSSE1.0.2 jar files in my classpath. Anyone know what I'm missing to get this error? I also get the same error running the Sample SSLSocketClient that comes with JSSE1.0.2

even i am trying to invoke a servlet through java Client
using an "https" protcol.i am using jsse 1.0.2 .i got all the three jar files installed in my classpath and my code all contains
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","d:\\certificate");
where d:\\certificate is the path where i have my client side certificate
but i am getting the Error
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: d:\certificate
trustStore type is : jks
default context init failed: java.security.PrivilegedActionException <<java.io.FileNotFoundExcepti
on: d:\certificate (Access is denied)>>
java.net.SocketException: SSL implementation not available
at javax.net.ssl.DefaultSSLSocketFactory.createSocket([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198
at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120
198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-1
20198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getOutputStream([DashoPr
o-V1.2-120198])
at JavaClient.main(JavaClient.java:57)
can anybody help me out.
I thank you guys for your help in advanced,
Taimina

SSL implementation not available on WebSphere 4.0

I am hitting a wall. I am trying to make an https connection from my servlet code on WebSphere 4.0 to another server. I've installed the jsse as an extension into the java/jre/lib/ext in the websphere directory. I've updated the java.security to the following:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.ibm.crypto.provider.IBMJCE
security.provider.4=com.ibm.jsse.JSSEProvider
I have my cacerts configured with the cert for the other system imported. This is killing me because it works without a problem on ServletExec. The stack trace follows...
java.net.SocketException: SSL implementation not available at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getOutputStream([DashoPro-V1.2-120198]) at testjsp_9._jspService(_test_jsp_9.java:100) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.ibm.servlet.dynacache.CacheHook.handleFragment(CacheHook.java:245) at com.ibm.servlet.dynacache.CacheHook.handleServlet(CacheHook.java:89) at com.ibm.servlet.dynacache.CacheManager.handleServlet(CacheManager.java:223) at org.apache.jasper.runtime.JspServlet$JspServletWrapper.service(JspServlet.java:299) at org.apache.jasper.runtime.JspServlet.serviceJspFile(JspServlet.java:445) at org.apache.jasper.runtime.JspServlet.service(JspServlet.java:579) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(ServletManager.java:827) at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(StrictLifecycleServlet.java:167) at com.ibm.servlet.engine.webapp.IdleServletState.service(StrictLifecycleServlet.java:297) at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(StrictLifecycleServlet.java:110) at com.ibm.servlet.engine.webapp.ServletInstance.service(ServletManager.java:472) at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(ServletManager.java:1012) at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(ServletManager.java:913) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java:665) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:331) at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:117) at com.ibm.servlet.engine.srt.WebAppInvoker.doForward(WebAppInvoker.java:124) at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:218) at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:67) at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:122) at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(OSEListener.java:315) at com.ibm.servlet.engine.http11.HttpConnection.handleRequest(HttpConnection.java:60) at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:323) at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:252) at com.ibm.ws.util.CachedThread.run(ThreadPool.java:137)

I think my problem is with the keystore/truststore....
previous postings made it sound like you could do this programatically by pointing to truststore rather than adding certs to cacerts with keytool? In this case I a just running a main pgm from wsad-ide.
Oh yeah, we are behind a firewall and use a proxy-server to get out. the settings provided were gotten from ie:tools:options:connections tab, lan settings; I am not sure if that is what is supposed to be supplied for https:proxyport and https:proxyhost parms.
(I get the dreaded "untrusted server cert chain")
thanks in advance for any help.
-Rick V.
public static void performTaskTest() {
StringBuffer outXML = null;
StringBuffer url = null;
String responseString = null;
StringBuffer responseSB = new StringBuffer();
java.net.URL urlClass = null;
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection urlConn = null;
java.io.DataOutputStream printout = null;
java.io.DataInputStream input = null;
try {
     responseSB = new StringBuffer();
     outXML = new StringBuffer();
     url = new StringBuffer();
     url.append("https://blah.com/blahServlet");
     System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
     Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
     System.getProperties().put( "https.proxyHost", "www-proxy.myco.com" );
     System.getProperties().put( "https.proxyPort", "80" );
     System.setProperty("javax.net.ssl.trustStore","C:\\Program Files\\IBM\\Application Developer\\jre\\lib\\security\\cacerts");
     System.setProperty("javax.net.ssl.keyStorePassword","changeit");
     urlClass = new java.net.URL(url.toString());
     urlConn = (com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection) urlClass.openConnection();
     urlConn.setDoInput(true);
     urlConn.setDoOutput(true);
     urlConn.setUseCaches(false);
     urlConn.setRequestMethod("POST");
     urlConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
     printout = new java.io.DataOutputStream(urlConn.getOutputStream());
     StringBuffer content = new StringBuffer();
     content.append("?");
     content.append("&");
     content.append("XMLData");
     content.append("=");
     content.append(java.net.URLEncoder.encode("aaaaaaaaaa"));
     printout.writeBytes(content.toString());
     printout.flush();
     printout.close();
     java.io.BufferedReader outXMLBR =
               new java.io.BufferedReader(
                    new java.io.InputStreamReader(urlConn.getInputStream()));
     String str;
     while (null != ((str = outXMLBR.readLine()))) {
          responseSB.append(str);
     outXMLBR.close();
          // the result!!!!
     System.out.println(responseSB);
} catch (Throwable e) {
     System.out.println(e.getMessage());

Getting standard Java SSL implementation to work with Weblogic

JDK 1.3.1
Weblogic 7.03
I need to allow for code within my WLS application to act as a SSL client to a remote Web service.
For standalone (non-WLS) code, I am using the standard Sun provided SSL implementation libraries (using jsse.jar, jcert.jar, and jnet.jar place in JRE_HOME/lib/ext), along with the appropriate changes to the JRE_HOME/lib/security/java.security file (security.provider.3=com.sun.net.ssl.internal.ssl.Provider) and the -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol setting on the Java command line. That works fine.
However, if I attempt to provide the -D option on my Weblogic server Java command line, it gives me an out of memory error. My thinking was that the settings for the JRE would work but they don't seem to.
My question is how does one set up Weblogic server apps. to successfully act as SSL clients in a static way via configuration files? Can this only be done dynamically?
Thanks,
Wes

JDK 1.3.1
Weblogic 7.03
I need to allow for code within my WLS application to act as a SSL client to a remote Web service.
For standalone (non-WLS) code, I am using the standard Sun provided SSL implementation libraries (using jsse.jar, jcert.jar, and jnet.jar place in JRE_HOME/lib/ext), along with the appropriate changes to the JRE_HOME/lib/security/java.security file (security.provider.3=com.sun.net.ssl.internal.ssl.Provider) and the -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol setting on the Java command line. That works fine.
However, if I attempt to provide the -D option on my Weblogic server Java command line, it gives me an out of memory error. My thinking was that the settings for the JRE would work but they don't seem to.
My question is how does one set up Weblogic server apps. to successfully act as SSL clients in a static way via configuration files? Can this only be done dynamically?
Thanks,
Wes

Secured webservice java net socketexception ssl implementation not avail

Hi all,
i am trying to call a secured webservice (which has authentication and trusted certificate) from plsql by using a java stub generated using JDeveloper 10.1.
I called the java method using a wrapper procedure for the java class in plsql.
While trying to call the webservice i am gettting the following exception
SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.net.SocketException: SSL >>implementation not available; targetException=java.lang.IllegalArgumentException: Error opening socket: >>java.net.SocketException: SSL implementation not available
*** 2010-02-06 18:32:14.155
at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:436)
at org.apache.soap.messaging.Message.send(Message.java:125)
The problem happens only when i call a secured webservice, whereas i can able to call the certificate less common webservices. Please provide a way to proceed.
Thanks,
Ramesh.R

The name of this forum is "Database - General" not "Java and SOAP and stuff"
Please change the subject to "Please Ignore" and post in the correct Java group.
Thank you.

SSL implementation in Java

Hi to all
I am new to SSL topic and i am trying to implement SSL,so,please help me in this regard.
I am implementing SSL in JSSE(Java).We are developing our Application through self-signed certificate.
The client is implementing SSL on C Language and server on Java language.
How to communicate between these client and server .First i want to know how to generate keys,Certificates and how to exchange the certificates between client and server.
Give me one example in this regard.
Thank you

Thanks for your reply........
I already studied the whole JSSE Reference guide. But there is no explanation when the client is implementing SSL on C Language and server on Java language.
How to communicate between these client and server
Please please help in this regard.
Thank u in advance.

SSL implementation on iplanet web server 6.0

Hi,
we've successfully implemented verisign SSL certificate on iplanet web server 6.0 and we have configured the a parent directory to non-ssl class and the a sub directory to the ssl-class. when we tried to run a JSP page, we are getting an error that the page is not found.
if both are configured for the same directory (ie.. the parent directory then its working fine)....
can anybody tell me what went wrong with the implementation...
thanks in advance,
regards
Ramachandran

How did you configure one directory use ssl and another director not? Are you using only one listener?
I would like to configure my iws to work like this:
a directory like server/app uses ssl3
another directory like server/appler uses ssl3 without client authentication. Important: I�m not able to create another listener. I must use listerners already created.

Unable to Start Oracle Apache after SSL implementation

Hi,
We are on Oracle EBS 11i(11.5.10.2) on Windows 2003(32-Bit)
We want to implement SSL for HTTP server. I tried this on our test instance by following +11i: A Guide to Understanding and Implementing SSL for Oracle Applications [ID 123718.1]+
After implementing SSL, Oracle Apache is not starting and gives "Service didnt report error". I expected the adapcctl.cmd to prompt for password. I understand that in Unix Apache must be started as root in SSL mode. Is there any specific I need to do for Windows? After reverting the context file to the original file and running autoconfig Apache is starting normally.
Please let me know if I had to anything Windows specific.
Rgds,
Thiru.

Thanks.
I did all that is mentioned in Note: +11i: A Guide to Understanding and Implementing SSL for Oracle Applications [ID 123718.1]+. Also referred to +Troubleshooting SSL with Oracle Applications 11i [ID 300969.1]+.
After enabling Trace in httpd.conf I am getting the following error in ssl_engline_log
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Server: Oracle HTTP Server Powered by Apache/1.3.19, Interface: mod_ssl/2.8.1, Library: OpenSSL/0.9.5a+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: 1st startup round (still not detached)+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: Initializing OpenSSL library+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: Loading certificate & private key of SSL-aware server dvlp003.imtac.com:443+
+[24/ÇÈÑíá/2011 16:50:15 00624] [trace] Init: (dvlp003.imtac.com:443) unencrypted RSA private key - pass phrase not required+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: Loading certificate & private key of SSL-aware server dvlp003.imtac.com:10010+
+[24/ÇÈÑíá/2011 16:50:15 00624] [trace] Init: (dvlp003.imtac.com:10010) unencrypted RSA private key - pass phrase not required+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: Seeding PRNG with 136 bytes of entropy+
+[24/ÇÈÑíá/2011 16:50:15 00624] [info] Init: Generating temporary RSA private keys (512/1024 bits)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Configuring temporary DH parameters (512/1024 bits)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [trace] Inter-Process Session Cache (DBM) Expiry: old: 0, new: 0, removed: 0+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Seeding PRNG with 136 bytes of entropy+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Configuring temporary RSA private keys (512/1024 bits)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Configuring temporary DH parameters (512/1024 bits)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Initializing (virtual) servers for SSL+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Configuring server dvlp003.imtac.com:443 for SSL protocol+
+[24/ÇÈÑíá/2011 16:50:16 00624] [trace] Init: (dvlp003.imtac.com:443) Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [trace] Init: (dvlp003.imtac.com:443) Configuring RSA server certificate+
+[24/ÇÈÑíá/2011 16:50:16 00624] [trace] Init: (dvlp003.imtac.com:443) Configuring RSA server private key+
+[24/ÇÈÑíá/2011 16:50:16 00624] [trace] Init: (dvlp003.imtac.com:443) Configuring server certificate chain (3 CA certificates)+
+[24/ÇÈÑíá/2011 16:50:16 00624] [info] Init: Configuring server dvlp003.imtac.com:10010 for SSL protocol+
+[24/ÇÈÑíá/2011 16:50:16 00624] [error] Init: (dvlp003.imtac.com:10010) Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)+
I am using port 443. The changes made to application tier context file is:
set the %s_url_protocol variable to https
set the %s_local_url_protocol variable to https
set the %s_webentryurlprotocol variable to https
set the %s_frmConnectMode variable to https
set the %s_webssl_port variable to the Apache SSL port required
set the %s_active_webport variable to the same value as that for the %s_webssl_port variable
set the %s_webport variable to the same value as that for the %s_webssl_port variable
set the %s_web_ssl_directory variable to point to the full directory path of the directory that is to contain the .crt and .key files that you are using for Apache
set %s_apps_portal_url variable to https
AutoConfig completed sucessfully. Our env is 11.5.10.2 on Windows 2003.
Rgds,
Thiru

SSL Implementation

Similar Messages

Maybe you are looking for