Weblogic 4.5 SSL

Hi Listers,
I have Weblogic 4.5 in porduction and I want use SSL.
I have generated certificates with openSSL and installed in Weblogic. Weblogic logs shows all things fines but the browser popups each time the message that the content contains no secure content!
Could anyone help me to figure out what`s wrong?
Thank you in advance and have nice day,
Ben

I suggest taking a look at the documentation on enabling Weblogic SSL in our
online documentation.
This describes completely a background of encryption and key lengths.
Thanks,
Michael Girdley
WLS Product Manager
Manuel Ley <[email protected]> wrote in message
news:8dfq30$r3h$[email protected]..
Do you enable SSL in the following mode:
1. 128-bit key encription?
2. 512-bit key encription?
3. 1024-bit key encription?

Similar Messages

  • Facing problem in installing certificate on Weblogic for the SSL

    I am doing the setup for secure socket layer(SSL) in weblogic server
    .I
    have created the certificate which need for ssl by using the Openssl ,
    after
    that I entered path for all the file relate to setup by using the
    weblogic
    console. Once I have complete all this entries, I restarted the server ,
    at
    the time of restart its giving the following error. I am also sending
    the
    screen short of console and the log files as an attachment.
    <Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificat
    e file config/cauvery-key.pem, java.io.EOFException>
    java.io.EOFException
    at weblogic.security.Utils.inputByte(Utils.java:133)
    at
    weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
    at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
    at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
    at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
    discovery
    of Managed Server... This feat
    Please help us to solve this problem

    Hi.
    Try posting this question in the security newsgroup.
    Thanks,
    Michael
    Ankur wrote:
    I am doing the setup for secure socket layer(SSL) in weblogic server
    I
    have created the certificate which need for ssl by using the Openssl ,
    after
    that I entered path for all the file relate to setup by using the
    weblogic
    console. Once I have complete all this entries, I restarted the server ,
    at
    the time of restart its giving the following error. I am also sending
    the
    screen short of console and the log files as an attachment.
    <Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificat
    e file config/cauvery-key.pem, java.io.EOFException>
    java.io.EOFException
    at weblogic.security.Utils.inputByte(Utils.java:133)
    at
    weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
    at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
    at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
    at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
    discovery
    of Managed Server... This feat
    Please help us to solve this problem--
    Michael Young
    Developer Relations Engineer
    BEA Support

  • Issue porting WebLogic 8.1 SSL Socket code to WebLogic 9.2

    I did not write this code, but am trying to port the code from Weblogic 8.1 to Weblogic 9.2. The code comes from a custom OpenLDAPAuthenticator, that uses a SSL Socket to connect to an LDAP server.
    The following lines are used:
    Socket socket = SSLSocketFactory.getDefaultJSSE().createSocket(host, port);
    if (socket instanceof SSLSocket) {
      SSLContextWrapper sslcontextwrapper = SSLContextManager.getInstance().getDefaultSSLContext();
      sslcontextwrapper.forceHandshakeOnAcceptedSocket((SSLSocket) socket);
    }Does anyone know what this forceHandshakeOnAcceptedSocket method does, and if there is way to write this in WebLogic 9.2?
    Thanks

    I did not write this code, but am trying to port the code from Weblogic 8.1 to Weblogic 9.2. The code comes from a custom OpenLDAPAuthenticator, that uses a SSL Socket to connect to an LDAP server.
    The following lines are used:
    Socket socket = SSLSocketFactory.getDefaultJSSE().createSocket(host, port);
    if (socket instanceof SSLSocket) {
      SSLContextWrapper sslcontextwrapper = SSLContextManager.getInstance().getDefaultSSLContext();
      sslcontextwrapper.forceHandshakeOnAcceptedSocket((SSLSocket) socket);
    }Does anyone know what this forceHandshakeOnAcceptedSocket method does, and if there is way to write this in WebLogic 9.2?
    Thanks

  • Netscape SSL Proxy to Weblogic 6.0 SSL port doesn't work.

    Has anyone tried Netscape iPlanet Proxying to Weblogic 6.0 port 7002 using SSL? I'm getting an error reponse when I look at the Netscape error log file. The message: "[12/Apr/2001:15:37:15] failure (29375): for host 191.162.18.16 trying to GET /Login.jsp, wl-proxy reports: Error reading WebLogic Response from 191.162.18.16:7002 at line 764 of proxy.cpp, errMsg='File not found'", but if I use port 7001, it works fine.This is my obj.conf:Service fn="wl-proxy" WebLogicHost="191.162.18.16" WebLogicPort="7002" SecureProxy="ON" TrustedCAFile="/opt/bea_weblogic/wlserver6.0/config/myserver/democert.pem" RequireSSLHostMatch="FALSE"

    The server was stopped at 5:52 pm cst....
    Dec 30, 2008 5:52:40 PM org.apache.coyote.http11.Http11Protocol destroy
    INFO: Stopping Coyote HTTP/1.1 on http-12080
    This is the log at start-up at 8:30 pm cst...
    Dec 30, 2008 8:26:06 PM org.apache.catalina.core.AprLifecycleListener init
    INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin;.;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\j2sdk1.4.2_13
    Dec 30, 2008 8:26:06 PM org.apache.coyote.http11.Http11Protocol init
    INFO: Initializing Coyote HTTP/1.1 on http-12080
    Dec 30, 2008 8:26:06 PM org.apache.catalina.startup.Catalina load
    INFO: Initialization processed in 1098 ms
    Dec 30, 2008 8:26:06 PM org.apache.catalina.core.StandardService start
    INFO: Starting service Catalina
    Dec 30, 2008 8:26:06 PM org.apache.catalina.core.StandardEngine start
    INFO: Starting Servlet Engine: Apache Tomcat/6.0.18
    Dec 30, 2008 8:26:11 PM org.apache.catalina.core.StandardContext start
    SEVERE: Error listenerStart
    Dec 30, 2008 8:26:11 PM org.apache.catalina.core.StandardContext start
    SEVERE: Context [GADXML] startup failed due to previous errors
    Dec 30, 2008 8:26:13 PM org.apache.coyote.http11.Http11Protocol start
    INFO: Starting Coyote HTTP/1.1 on http-12080
    Dec 30, 2008 8:26:13 PM org.apache.jk.common.ChannelSocket init
    INFO: JK: ajp13 listening on /0.0.0.0:8009
    Dec 30, 2008 8:26:13 PM org.apache.jk.server.JkMain start
    INFO: Jk running ID=0 time=0/187 config=null
    Dec 30, 2008 8:26:13 PM org.apache.catalina.startup.Catalina start
    INFO: Server startup in 7488 ms

  • Two way SSL issue in weblogic

    Hi All,
    we have enabled 2 way SSL in weblogic, we have one Admin Server and one managed (soa) server version 11.1.1.5
    steps we have followed:
    we have imported identity certificate and key file to a custom identity store
    improted trust certificates to a custom trust keystore
    in weblogic consile: soa_server1-> keystires : we have updated custom identity and trust details
    in weblogic consile: soa_server1-> ssl - we have updated required custom identity details and selected " Client Certs Requested And Enforced" for Two Way Client Cert Behavior.
    but while testing our process we are getting below error:
    we have tried openssl to test the connectivity but not sure about the output, is there any way to trace the SSL connection?
    any input will be really helpful.
    <AIASessionPoolManagerFault xmlns="http://xmlns.oracle.com/AIASessionPoolManager">
    -<part name="summary">
    <summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    com.oracle.bpel.client.BPELFault: faultName: {{http://xmlns.oracle.com/AIASessionPoolManager}AIASessionPoolManagerFault}
    messageType: {{http://schemas.oracle.com/bpel/extension}RuntimeFaultMessage}
    parts: {{
    summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
    ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
         SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+:443/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ]
         java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
         javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
         </detail>
    ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
    </summary>
    </part>
    -<part name="detail">
    <detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    Error on AIASessionPoolManager.bpel: Operation=Get.
         SessionPoolHost.getSession(Siebel,170006): getSession(Siebel,170006) failed: Thread [weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4] faild to initialize the session pool. SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@107d5bb4]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://+<host>+/ngbeai_enu/start.swe?SWEExtSource=SecureWebService&SWEExtCmd=Execute&WSSOAP=1 ]
         java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
         javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure.
    </detail>
    </part>
    TIA,
    Vivek
    Edited by: 909283 on Apr 15, 2013 12:07 AM

    Hi Kishor/Rene,
    Thanks for the reply, we have already referred to the mentioned Oracle Note and enabled SSL debugging.
    while starting Admin server we are getting below output:
    Can you please confirm from below logs that SSL connection is correct, i have also provided below the error message we are getting in our process.
    <Apr 2, 2013 6:49:56 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 316588026>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 105197569742293346305268
    Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN= Test AD Objects CA1
    Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN= xyz>.com.au, EMAIL=<abcd>@<.com>
    Not Valid Before:Thu Oct 11 11:00:23 EST 2012
    Not Valid After:Sat Oct 11 11:00:23 EST 2014
    Signature Algorithm:SHA1withRSA
    >
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 458601664052503175495693
    Issuer:CN=<xyz> Test Policy CA
    Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
    Not Valid Before:Thu Nov 10 15:24:24 EST 2011
    Not Valid After:Thu Nov 10 15:34:24 EST 2016
    Signature Algorithm:SHA1withRSA
    >
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 105197569742293346305268
    Issuer:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
    Subject:C=AU, ST=NSW, L=Sydney, O=<xyz>, OU=Operations and Shared Services, CN=<abcd>.<.com>, EMAIL=<abcd>@<.com>
    Not Valid Before:Thu Oct 11 11:00:23 EST 2012
    Not Valid After:Sat Oct 11 11:00:23 EST 2014
    Signature Algorithm:SHA1withRSA
    >
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 458601664052503175495693
    Issuer:CN=<xyz> Test Policy CA
    Subject:DC=com, DC=<xyz>, DC=dir, DC=test, DC=testcore, CN=<xyz> Test AD Objects CA1
    Not Valid Before:Thu Nov 10 15:24:24 EST 2011
    Not Valid After:Thu Nov 10 15:34:24 EST 2016
    Signature Algorithm:SHA1withRSA
    >
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: <abcd>.<.com>>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerKeyExchange RSA>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 70>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received CHANGE_CIPHER_SPEC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received HANDSHAKE>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 8>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 26>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 26>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 26>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 24>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 45>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 45>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 45>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 15>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 30>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 30>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 30>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 18>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 23>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 23>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 23>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 20>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 41>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 41>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 41>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 7>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read(offset=0, length=8192)>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 SSL3/TLS MAC>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316569006 received APPLICATION_DATA: databufferLen 0, contentLength 13>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read databufferLen 13>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <316565651 read A returns 13>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <avalable(): 316565651 : 0 + 0 = 0>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
    java.lang.Exception: New alert stack
    at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
    at javax.net.ssl.impl.SSLLayeredSocket.close(Unknown Source)
    at weblogic.nodemanager.client.NMServerClient.disconnect(NMServerClient.java:276)
    at weblogic.nodemanager.client.NMServerClient.done(NMServerClient.java:138)
    at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:423)
    at weblogic.nodemanager.mbean.NodeManagerRuntime.getState(NodeManagerRuntime.java:440)
    at weblogic.server.ServerLifeCycleRuntime.getStateNodeManager(ServerLifeCycleRuntime.java:752)
    at weblogic.server.ServerLifeCycleRuntime.getState(ServerLifeCycleRuntime.java:584)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.management.jmx.modelmbean.WLSModelMBean.getAttribute(WLSModelMBean.java:525)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:666)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:638)
    at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.getAttribute(FederatedMBeanServerInterceptor.java:308)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
    at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
    at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:299)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:326)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:324)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:319)
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1404)
    at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
    at javax.management.remote.rmi.RMIConnectionImpl.getAttribute(RMIConnectionImpl.java:600)
    at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
    at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
    at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.getAttribute(Unknown Source)
    at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.getAttribute(RMIConnector.java:878)
    at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:263)
    at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:504)
    at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
    at $Proxy138.getState(Unknown Source)
    at com.bea.console.actions.core.server.ServerTableAction.populateServerRuntimeTableBean(ServerTableAction.java:365)
    at com.bea.console.actions.core.server.ServerTableAction$ServerTableWork.run(ServerTableAction.java:498)
    at weblogic.work.commonj.CommonjWorkManagerImpl$WorkWithListener.run(CommonjWorkManagerImpl.java:203)
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    >
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 316565651>
    <Apr 2, 2013 6:49:57 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 316588026>
    error in bpel process:
    summary=<summary xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel when attempting Get operation</summary>
    ,detail=<detail xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error on AIASessionPoolManager.bpel: Operation=Get.
    SessionPoolHost.getSession(Siebel,190001): SessionPoolHost.create() thread[weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@16670d1d]: Failed to obtain a session after 3 attempts. SPM cannot successfully connect to web server Login credentials [endpoint: https://<host>:443/eai_enu/start.swe?SWEExtSource=SecureWebService&amp;SWEExtCmd=Execute&amp;WSSOAP=1 ].
    java.lang.Throwable: SOAPException occured when requesting : javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure
    javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Received fatal alert: handshake_failure</detail>
    ,code=<code xmlns:def="http://www.w3.org/2001/XMLSchema" xsi:type="def:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Error</code>}
    </summary>
    TIA,
    Vivek
    Edited by: 909283 on Apr 15, 2013 12:08 AM

  • Apache Proxy Plugin with SSL in Weblogic Cluster

    Hi,
    I have configured a weblogic cluster and configured SSL. Then I configured the apache plugin to work with the cluster machines with non ssl and worked succesfull but when I configured the ssl communication between apache and weblogic I´m having problems.
    The actual configuration is:
    <Location /spmlws>
    SetHandler weblogic-handler
    WLLogFile /var/log/httpd/tmpweblogic1.log
    DebugConfigInfo ON
    Debug ALL
    KeepAliveEnabled ON
    KeepAliveSecs 15
    WebLogicPort 7002
    SecureProxy ON
    TrustedCAFile /opt/freeware/etc/httpd/conf/trustedCA35cert.pem
    TrustedCAFile /opt/freeware/etc/httpd/conf/trustedCA36cert.pem
    WLProxySSL ON
    RequireSSLHostMatch false
    WebLogicCluster machine35:7002,machine36:7002
    EnforceBasicConstraints false
    </Location>
    The problem is that the plugin always takes the last TrustedCAFile. In this way if machine36 is down the plugin tries to send all the request to machine35 but it takes the TrustedCAFile for the machine36 (/opt/freeware/etc/httpd/conf/trustedCA36cert.pem) hence the apache complains
    [Wed Jun 30 11:13:56 2010] [error] [client 10.19.232.249] ap_proxy: trying GET /spmlws/OIMProvisioning at backend host '10.19.232.97/7002; got exception 'WRITE_ERROR_TO_SERVER [os error=0,  line 796 of ../nsapi/URL.cpp]: '
    What can I do to have multiple TrustedCAFile or to have working the communication between apache and weblogic cluster using SSL?
    thanks in advance

    Acording to the documentation this is not possible.
    One way to achieve the load balancing of n-weblogic servers in cluster using ssl is to configure de HttpClusterServlet.

  • Weblogic server 9.2 and SSL server certificate for the wrong site

    I turned on SSL service for a weblogic 9.2 server and later on changed the hostname of the machine that weblogic was running on. So the hostname that my SSL server certificate was issued to has now became an invalid hostname. But my weblogic server continues to run SSL service without any exception. I can still access my web applications thru the SSL port (except of course I get a warning for the server certificate every time that it is for the "wrong site"). My question is this: should weblogic 9.2 verify the hostname in the server certificate and stop SSL service if the certificate is for the wrong site? Or is verifying the certificate strictly the job of the browser? Just want to make sure there is nothing wrong with my SSL configuration. Thanks.

    So you are saying that something is wrong with my weblogic 9.2 ssl configuration? And that given a server certificate issued to a different hostname, my weblogic server should NOT be servicing ssl request and/or it should throw some sort of exception during startup? Thanks for clarifying.

  • Apache 2.2 21 forward Proxy 2 way SSL for weblogic server as a client

    Hi All,
    Currently, i am trying to implement a forward SSL proxy. The client will hit my apache server which in return will hit a IIS Server.
    scenarios 1
    client(weblogic)--*2 way SSL*Apache(forward proxy)*2 way SSL*-- IIS
    If i were to implement 1 way ssl, i am able to see the content of the website.
    client(weblogic) --- Apache(forward proxy) --- IIS
    If i were to launch the web browser from the client machine (with the client certificate imported in the browser), i am able to view the content in the IIS. But if i were to simulate the connection from weblogic server, it just give me end of file exception (response contain no data) on the logs.
    Below is my configuration
    Listen 8080
    <VirtualHost default:8080>
    ServerName serverA
    ErrorLog "logs/ssl_error_log"
    CustomLog "logs/ssl_access_log" common
    SSLProxyEngine On
    SSLProxyMachineCertificateFile /certificate/servercert.cer
    SSLProxyCACertificateFile /certificate/rootCA.cer
    SSLProxyVerify require
    SSLProxyVerifyDepth 10
    ProxyRequests On
    ProxyVia On
    AllowConnect 12345
    <Proxy *>
    Order allow,deny
    Allow from all
    </Proxy>
    </VirtualHost>
    For 2 way SSL, will the client forward their client certificate to my apache proxy server and apache will on the client behalf forward the client certificate to the IIS server for authenication?
    Or the SSL authenication still happen between the client (weblogic) and the end server (IIS) bypassing the proxy server.
    Please help.

    It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

  • SSL Hardware Accelerator supported by Weblogic 6.X

    Does any one know if WebLogic supports Sun SSL Crypto hardware, ie: SSL Accelerator
    hardware, Sun Part # X113A ?
    Thank You
    Tuan

    Hello Jerry,
    Thank you very much for your help, here is an answer from
    Michael Young of BEA. Here is the response:
    Michael Young <[email protected]> wrote:
    Hi.
    WLS does not currently work with hardware SSL accelerators.
    Regards,
    Michael Jerry <[email protected]> wrote:
    Hi Tuan,
    BEA does not support WebLogic 6.1 and lower with SSL hardware accelerators
    from any
    vendor.
    Cheers,
    Joe Jerry
    Tuan Phan wrote:
    Does any one know if WebLogic supports Sun SSL Crypto hardware, ie:SSL Accelerator
    hardware, Sun Part # X113A ?
    Thank You
    Tuan

  • SSL Accelerator hardware for WebLogic

    Hi All,
    Does any one know if WebLogic supports Sun SSL Crypto hardware, ie: SSL Accelerator
    hardware, Sun Part # X113A ?
    Thank You

    Hi Michael,
    Thank you very much for your help. I will keep checking the
    released version for SSL/Hardware support.
    Regards,
    Tuan
    Michael Young <[email protected]> wrote:
    Hi Tuan.
    The next major release of WLS due out this spring will have support for
    hardware SSL accelerators. I don't have any detail beyond what I just
    stated. Keep an eye out for the beta program for the WLS beta release.
    This is not the WLS 7.0 preview currently on
    http://commerce.bea.com/downloads/weblogic_server.jsp. The beta program
    should be out sometime in the next few weeks.
    Regards,
    Michael
    Tuan Phan wrote:
    Hello Michael,
    Thank you very much for your help. Does BEA have plan
    to support any hardware based SSL in the future, how soon ?
    Thank You
    Tuan Phan
    Michael Young <[email protected]> wrote:
    Hi.
    WLS does not currently work with hardware SSL accelerators.
    Regards,
    Michael
    Tuan Phan wrote:
    Hi All,
    Does any one know if WebLogic supports Sun SSL Crypto hardware,
    ie:
    SSL Accelerator
    hardware, Sun Part # X113A ?
    Thank You--
    Michael Young
    Developer Relations Engineer
    BEA Support
    Michael Young
    Developer Relations Engineer
    BEA Support

  • SSL Client example from dev2dev

    Bruce,
    I still have some questions unaswered.
    1. Is there any "default" list of trusted CA that is used during handshake?
    The SSLClient example does not have any references to trusted CA files. The
    weblogic.webservice.client.ssl.trustedcerts property returns null. What
    trusted CA is used in the SSLClient example? Considering the plural name of
    the property, should it contain only one file name, or it can contain
    several file names? Order? Delimiter?
    2. I copied the SSL setup code from SSLClient to my own web service client,
    but it does not work. My web service is made of stateless session bean, and
    wsdl is generated dynamically. Is it possible, that certain wsdl settings
    could affect handshake process? Maybe I need to copy certain wsdl tags from
    the example?
    3. What username/password should I use in IE when "Enter network password"
    dialog is presented? The combination used to start weblogic server does not
    work. The same combination works for non-SSL client. Why?
    Thanks,
    Michael J.
    "Bruce Stephens" <[email protected]> wrote in message
    news:[email protected]...
    Hi Michael,
    Thanks for the good feedback and this will be incorporated into a revised
    example.
    Concerning your questions toward the end, to set the list of trusted CA
    certificates, you need the CA certificate in a file and you need to setthis
    System property to the filename:
    weblogic.webservice.client.ssl.trustedcerts
    To turn off strict hostname checking during certificate validation, youneed to
    set this property to "false":
    weblogic.webservice.client.ssl.strictcertchecking
    Thanks again,
    Bruce
    Michael Jouravlev wrote:
    Bruce,
    here are some issues that I wish you could help me with.
    1) package.html from the simpleSSL example is outdated. The links posted
    here do not work. Considering "Please pay careful attention" phrase I am
    a
    little bit worried if I missed something in my SSL configuration.
    === cut here ===
    You must first setup and verify your WLS SSL configuration.
    1. Set up your development shell as described in Quick Start.
    2. Startup the WebLogic Server.
    3. Monitor the log file for any errors.
    4. Use the console and configure the WebLogic Service security asdescribed
    by:
    http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1052258
    Please pay careful attention to this step, especially concerning theSSL
    protocol configuration:
    http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1067988
    === cut here ===
    I use the following information:
    1. http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1127954 to
    configure
    server-wide SSL setup
    2. http://edocs.bea.com/wls/docs70/webserv/security.html#1052043 to
    configure web service-related SSL setup.
    2) In "Setup and verify the toUpper WebService" chapter the linksentitled
    http://localhost:7001/toUpper/toUpper and
    http://localhost:7001/toUpper/toUpper?WSDL are wrong. Not a big deal,
    but
    maybe you would like to correct this.
    3) Now the real issue: in the step (8), the "IMPORTANT STEP", when I tryto
    connect to https://localhost:7002/toUpper/toUpper , I receive the
    "Security
    Alert" dialog (I am using IE5) that there is a problem with security
    certificate: name of the certificate does not match the name of thesite. It
    is OK, because it is demo certificate. (Should I do "View
    Certificate/Install Certificate" to proceed successfully or just to say
    "Yes" in the "Security Alert" window?). Anyway, I say "Yes", I do wantto
    proceed. In the next window is "Do you want to display nonsecure items?"I
    say "yes" and I am brought to the the test page. Now, when I try to testthe
    service, I click on "toUpper" link and am presented with sample text and
    "Invoke" button.
    And when I press "Invoke" I am presented with a dialog window "Enternetwork
    password" containing: Site: localhost, Realm: default, User name:
    <blank>, Password: <blank>. So, the first serious issue is: what username
    and password should I use? I tried username and password that I used to
    start the server in set WLS_USER=<username> and set WLS_PW=<password> in
    startWebLogic.cmd file. Does not work. "weblogic"/"weblogic" does notwork
    either. What should I submit??? I did not change any security setting inmy
    WebLogic server aside of SSL settings (all this realm stuff is greek tome.)
    >>
    After "Enter network password" dialog fails to verify a user, I get apage
    with the following text: "Failed to retrieve WSDL from
    https://localhost:7002/toUpper/toUpper?WSDL. Please check the URL and
    the
    protocol: Write Channel Closed, possible SSL handshaking or trustfailure"
    >>
    Interesting enough, if I try to go directly to the link
    https://localhost:7002/toUpper/toUpper?WSDL , I get WSDL without any
    problem
    and without any password windows. What is happening here?
    4) OK, I still want to run the Client. I modified ToUpperPort_Stub.javain
    order for it to be compiled. I changed super( _port,ToUpperPort.class );
    to super( _port ); I am using WL7.0 GA and I am not sure, is the callthat I
    changed comes from the earlier Beta versions or from 7.0.0.1. Anyway,the
    original code does not work on 7.0GA. I successfully did run both Mainand
    Main2 without username/password and with it. I also usedusername/password
    from startWebLogic.cmd file and they worked. Why they do not work when Itry
    to call test page from web browser?
    5) Finally I compiled and did run the SSLClient. It worked. But the
    questions here are:
    BEA_HOME environment variable is not defined, and WebLogic SSL
    implementation is used. How licence.bea was found while running theclient?
    When I tried to build my own client, I got a message that I license fileis
    needed. Or is it needed only if the client library webservices+ssl.jaris
    used?
    The most important question: What trusted CA is used by client and how
    client finds it? No certificates are in the SSLClient directory and no
    property settings telling where to find it. It is a puzzle for my why it
    works here and why my own client does not work when the CA is supplied.
    Thank you,
    Michael J.

    Hi Michael,
    I've asked our security folks to help answer your questions. The
    weblogic.webservice.client.ssl.trustedcertfile file (located on the client
    application computer) contains the certificates of CA (certificate authority).
    The CAs are trusted to issue WebLogic Server certificates. The file can also
    contain certificates that you trust directly. The file contains a collection of
    PEM-encoded certificates. See:
    http://e-docs.bea.com/wls/docs70/webserv/security.html#1056434
    There shouldn't be any WSDL changes/tags required.
    HTHs,
    Bruce
    Michael Jouravlev wrote:
    Bruce,
    I still have some questions unaswered.
    1. Is there any "default" list of trusted CA that is used during handshake?
    The SSLClient example does not have any references to trusted CA files. The
    weblogic.webservice.client.ssl.trustedcerts property returns null. What
    trusted CA is used in the SSLClient example? Considering the plural name of
    the property, should it contain only one file name, or it can contain
    several file names? Order? Delimiter?
    2. I copied the SSL setup code from SSLClient to my own web service client,
    but it does not work. My web service is made of stateless session bean, and
    wsdl is generated dynamically. Is it possible, that certain wsdl settings
    could affect handshake process? Maybe I need to copy certain wsdl tags from
    the example?
    3. What username/password should I use in IE when "Enter network password"
    dialog is presented? The combination used to start weblogic server does not
    work. The same combination works for non-SSL client. Why?
    Thanks,
    Michael J.
    "Bruce Stephens" <[email protected]> wrote in message
    news:[email protected]...
    Hi Michael,
    Thanks for the good feedback and this will be incorporated into a revised
    example.
    Concerning your questions toward the end, to set the list of trusted CA
    certificates, you need the CA certificate in a file and you need to setthis
    System property to the filename:
    weblogic.webservice.client.ssl.trustedcerts
    To turn off strict hostname checking during certificate validation, youneed to
    set this property to "false":
    weblogic.webservice.client.ssl.strictcertchecking
    Thanks again,
    Bruce
    Michael Jouravlev wrote:
    Bruce,
    here are some issues that I wish you could help me with.
    1) package.html from the simpleSSL example is outdated. The links posted
    here do not work. Considering "Please pay careful attention" phrase I am
    a
    little bit worried if I missed something in my SSL configuration.
    === cut here ===
    You must first setup and verify your WLS SSL configuration.
    1. Set up your development shell as described in Quick Start.
    2. Startup the WebLogic Server.
    3. Monitor the log file for any errors.
    4. Use the console and configure the WebLogic Service security asdescribed
    by:
    http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1052258
    Please pay careful attention to this step, especially concerning theSSL
    protocol configuration:
    http://e-docs.bea.com/wls/docs70/adminguide/cnfgsec.html#1067988
    === cut here ===
    I use the following information:
    1. http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1127954 to
    configure
    server-wide SSL setup
    2. http://edocs.bea.com/wls/docs70/webserv/security.html#1052043 to
    configure web service-related SSL setup.
    2) In "Setup and verify the toUpper WebService" chapter the linksentitled
    http://localhost:7001/toUpper/toUpper and
    http://localhost:7001/toUpper/toUpper?WSDL are wrong. Not a big deal,
    but
    maybe you would like to correct this.
    3) Now the real issue: in the step (8), the "IMPORTANT STEP", when I tryto
    connect to https://localhost:7002/toUpper/toUpper , I receive the
    "Security
    Alert" dialog (I am using IE5) that there is a problem with security
    certificate: name of the certificate does not match the name of thesite. It
    is OK, because it is demo certificate. (Should I do "View
    Certificate/Install Certificate" to proceed successfully or just to say
    "Yes" in the "Security Alert" window?). Anyway, I say "Yes", I do wantto
    proceed. In the next window is "Do you want to display nonsecure items?"I
    say "yes" and I am brought to the the test page. Now, when I try to testthe
    service, I click on "toUpper" link and am presented with sample text and
    "Invoke" button.
    And when I press "Invoke" I am presented with a dialog window "Enternetwork
    password" containing: Site: localhost, Realm: default, User name:
    <blank>, Password: <blank>. So, the first serious issue is: what username
    and password should I use? I tried username and password that I used to
    start the server in set WLS_USER=<username> and set WLS_PW=<password> in
    startWebLogic.cmd file. Does not work. "weblogic"/"weblogic" does notwork
    either. What should I submit??? I did not change any security setting inmy
    WebLogic server aside of SSL settings (all this realm stuff is greek tome.)
    After "Enter network password" dialog fails to verify a user, I get apage
    with the following text: "Failed to retrieve WSDL from
    https://localhost:7002/toUpper/toUpper?WSDL. Please check the URL and
    the
    protocol: Write Channel Closed, possible SSL handshaking or trustfailure"
    Interesting enough, if I try to go directly to the link
    https://localhost:7002/toUpper/toUpper?WSDL , I get WSDL without any
    problem
    and without any password windows. What is happening here?
    4) OK, I still want to run the Client. I modified ToUpperPort_Stub.javain
    order for it to be compiled. I changed super( _port,ToUpperPort.class );
    to super( _port ); I am using WL7.0 GA and I am not sure, is the callthat I
    changed comes from the earlier Beta versions or from 7.0.0.1. Anyway,the
    original code does not work on 7.0GA. I successfully did run both Mainand
    Main2 without username/password and with it. I also usedusername/password
    from startWebLogic.cmd file and they worked. Why they do not work when Itry
    to call test page from web browser?
    5) Finally I compiled and did run the SSLClient. It worked. But the
    questions here are:
    BEA_HOME environment variable is not defined, and WebLogic SSL
    implementation is used. How licence.bea was found while running theclient?
    When I tried to build my own client, I got a message that I license fileis
    needed. Or is it needed only if the client library webservices+ssl.jaris
    used?
    The most important question: What trusted CA is used by client and how
    client finds it? No certificates are in the SSLClient directory and no
    property settings telling where to find it. It is a puzzle for my why it
    works here and why my own client does not work when the CA is supplied.
    Thank you,
    Michael J.

  • BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6

    We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
    <Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
    wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
    com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
    at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
    at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
    tboundMessageContext.java:310)
    at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    Truncated. see log file for complete stacktrace
    javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
    at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
    Truncated. see log file for complete stacktrace
    This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
    After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
    Thanks.
    Matt
    Edited by: user6946981 on Sep 17, 2009 7:58 AM

    Are you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
    I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
    Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
    Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way.

  • Invoking Web Service Over SSL

    Hi,
    1) Used clientgen utility to create stub classes based on wsdl file
    application is build using following ant task
    2) Created a java application which acts as a client for invoking generated stubs (in step 1) for comunicating with webservice over HTTPS protocol.
    3) Able to comunicate with required webservice through normal java client.
    4) Integrate the above created java application in weblogic workflows. All the required jar (stubs and application) files are available in APP-INF/lib directory ofworrkflow application.
    5) While invoking java application from work flow (to communicate with webservice) we get the following error
    SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: The server at https://www.3pv.
    net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (Forbidden). P
    lease ensure that your URL is correct and that the correct protocol is in use.
    Detail:
    <detail>
    <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webse
    rvice/fault/1.0.0">weblogic.webservice.util.AccessException: The server at https
    ://www.3pv.net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (For
    bidden). Please ensure that your URL is correct and that the correct protocol i
    s in use.
    at weblogic.webservice.binding.soap.HttpClientBinding.handleErrorRespons
    e(HttpClientBinding.java:371)
    at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClient
    Binding.java:233)
    at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientH
    Thanks
    Sandip Mehta

    Hey exact problem i am facing
    1. Can access webservice through my thin java client using the stubs generated by clientgen.
    2. But get 403 error when running inside weblogic.
    8.1 SP2
    Also saw in SP4 release notes....
    CR185228:
    The WebService SSL client failed to connect the service when "weblogic.webservice.client.ssl.strictcertchecking" was not set to false. WebLogic Server now connects to the service with this property set to either true or false."
    Does this mean if i set
    weblogic.webservice.client.ssl.strictcertchecking =false in SP2 my call from within weblogic will work
    I appreciate immediate feedback.
    Sachin

  • SSL problem: SSL Forbidden or 12204 SSL port specified is not allowed

    Hello there,
    we have a BIG PROBLEM on a production system.
    Some user on internet using IEXplore 5.0x could'nt access our https page.
    Error reported are:
    SSL Forbidden
    SSL port specified is not allowed
    We are using SSL on port 7002
    This is the weblogic properties reagrd SSL:.
    weblogic.security.ssl.enable=true
    # SSL listen port
    weblogic.system.SSLListenPort=7002
    Any suggestion?
    Is there a possibility to use port 80 both for https and http?
    Any help will be apprciated.
    THANK'S!

    I think you need to setup your proxy server to allow 7002 port,
    or use port 443 for SSL ( it is the default proxy secured port)
    Hope this will help
    Mohds
    "Paul Patrick" <[email protected]> wrote:
    If this is a production problem, you should file a problem report with BEA
    Support.
    But I didn't see any certificates for the server registered. Without
    certificates and a private
    key the SSL protocol will not work.
    Paul Patrick
    "Antimo" <[email protected]> wrote in message
    news:3a12cc80$[email protected]..
    Hello there,
    we have a BIG PROBLEM on a production system.
    Some user on internet using IEXplore 5.0x could'nt access our https page.
    Error reported are:
    SSL Forbidden
    SSL port specified is not allowed
    We are using SSL on port 7002
    This is the weblogic properties reagrd SSL:.
    weblogic.security.ssl.enable=true
    # SSL listen port
    weblogic.system.SSLListenPort=7002
    Any suggestion?
    Is there a possibility to use port 80 both for https and http?
    Any help will be apprciated.
    THANK'S!

  • RPC Style Web Service and SSL

    Hi,
    Has anyone tried (and maybe succeeded) in accessing an
    RPC-style Web Service deployed on WebLogic Server 6.1 using
    SSL? I have a Web Service deployed and am able to access it using JNDI and the
    weblogic.soap.http.SoapInitialContextFactory
    INITIAL_CONTEXT_FACTORY. However, when I try to set the
    Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
    I get a "java.net.SocketException: Unexpected end of file from
    the server" error message.
    Does the weblogic.soap.http.SoapInitialContextFactory not
    support SSL? Do I need to do the SOAP/XML messaging myself,
    without being able to make use of the WebLogic convenience
    classes? Thanks! Rob

    Alright!
    Glad you got it working ;-)
    Actually, the problem with the protocol being hardcoded to http in the wsdl.jsp,
    is a bit strange. It's unusual that the BEA engineers that coded the wsgen component
    and support classes, didn't use something like the following:
    <soap:address location="<%= request.getScheme() + "://" + request.getServerName()
    + ":" + request.getServerPort() %>/security/examples/webservices/security/PhoneBookService"/>
    I don't use wsgen too much, because I need to have more control over the J2EE
    packaging. It (wsgen) is great for spitting out stuff, but not really setup for
    doing Web service packaging that use classes (i.e. helper files, frameworks, etc.)
    that it doesn't generate. I think they (BEA) might be looking into integrating
    the Web Services assembly process with other tools like WebGain, Forte, etc. to
    alleviate these types of issues.
    Anyway, glad you got it working, so now you can help somebody else (time permitting,
    of course) with this topic in the future!
    Regards,
    Mike Wooten
    "Rob Nelson" <[email protected]> wrote:
    >
    Mike,
    Thank you very much for your response! The next to
    last sentence did it for me (when you mentioned checking
    that the location attribute of the soap:address element
    was set properly)! I noticed that when I viewed the WSDL
    file via the browser (by clicking on the link in the
    index.html page), I saw http://host:<unsecure_port> when
    I requested it over the unsecure port, but I saw
    http://host:<secure_port> when I requested the WSDL over
    the secure port. Notice it did not say https!
    So, I unjarred the EAR file that was generated by my
    wsgen task, and then unjarred the generated WAR file
    contained therein. When I looked at wsdl.jsp, I noticed
    that "http" was hard-coded in the location attribute, but
    that the host name and port number were dynamically
    generated. So I added a scriplet to dynamically place an
    "s" after "http" (if request.isSecure()) and rejarred up
    the WAR and EAR files.
    Now when I deployed the EAR file, I see "https" when
    I request the WSDL over the secure port, and my client
    (actually your client;) works! Awesome! I really appreciate
    your help! Now my only issue is why did the wsdl.jsp have
    "http" hard-coded, not accounting for secure requests.
    These files were generated by the WSGEN task in ANT.
    I figure it's either: I have a configuration problem,
    I have a problem with my ANT build script, my version of
    WebLogic Server (6.1 w/SP1 built 9/18/2001) has a bug, or
    maybe you just have to manually go in and modify the wsdl.jsp
    file if you want to use https :(. Please let me know if
    you have any insight on this, and I will also follow up
    with WebLogic support. Thanks again! Rob
    "Michael Wooten" <[email protected]> wrote:
    Hi Rob,
    I am absolutely sure the code I posted works, so we need to approach
    this from
    a different angle ;-)
    First, I know why the Context.SECURITY_PROTOCOL approach doesn't works.
    It's because
    the namespace in the Web Services code examples is not the same oneas
    the one
    used for RMI objects, EJBs, JDBC Data Sources, etc. For those objects,
    the Context.PROVIDER_URL
    is something like "t3://localhost:7001", and the INITIAL_CONTEXT_FACTORY
    is "weblogic.jndi.WLInitialContextFactory".
    The one being used with WebLogic Web Services, is mainly just functioning
    as a
    mechanism for manufacturing WebServiceProxy objects, because it is a
    non-instanciable!
    It does this by using a subclass of javax.naming.Context called SOAPContext,
    which
    is completely hidden from you, but also doesn't do much except implement
    the lookup()
    method. The implementation of this method ignores the Context.SECURITY_URL
    property,
    but it does pay attention to the "java.naming.security.principal" and
    "java.naming.security.credentials"
    properties. You don't need these properties for SSL, just Basic Authentication.
    Enough about that, though. The service end-point is a servlet right?
    So this means
    it has a URL that begins with http or https, which in turn means the
    WebLogic
    servlet engine gets the SOAP request and sends it to the StatelessSessionAdapter
    servlet. To WLS, this is just like any other HTTP/HTTPS request sent
    to it ;-)
    There is no special "SOAP-related" HTTP/HTTPS handler in WLS, but the
    SSL challenge
    dance still happens. So my first question is, are you sure you havethe
    HTTPS
    attributes set properly in the WebLogic console. SSL/HTTPS should be
    enabled and
    the "Hostname Verification Ignored" checkbox should be checked. Next,
    are you
    sure the URL assigned to the location attribute of the <service> element
    in the
    WSDL is correct (i.e. https://localhost:7002)? Are you using the "dynamic
    client"
    approach?
    Regards,
    Mike Wooten
    "Rob Nelson" <[email protected]> wrote:
    Mike,
    Thanks for your response. I downloaded the code example that
    you
    posted
    last week, as well as the code example that you posted in October for
    a similar
    request (BEA Support pointed me towards that). Unfortunately, I still
    can't get
    the Web Service to respond to the client request when the client uses
    the HTTPS
    port for the WebLogic Server.
    I tried two different client approaches. The first uses the client
    code
    that you posted in October, the WebServiceProxy approach. The second
    approach
    is based on the example in the WebLogic documentation, which uses the
    weblogic.soap.SoapInitialContextFactory
    class with the javax.naming.Context object to perform a lookup on the
    service
    (which closely resembles rmi without the narrowing).
    Both client classes fail to invoke the the service itself viaHTTPS
    (although
    they both work when making HTTP requests to the unsecure port). However,
    when
    I run the client based on the client class that you posted in October
    and make
    an HTTPS request, I can see in the output where it is able to download
    the WSDL
    file and use it (via the WebServiceProxy) to describe the availablemethods
    for
    the associated Web Service. It is only when the actual invoke() method
    is called
    on the SoapMethod object (which in turn sends the XML request to the
    Web Service
    Servlet), that the server doesn't respond, and the client fails with
    an UnexpectedEndOfFileException
    (i.e. no response).
    So, do you know why the servlet that the RPC-style Web Serviceuses
    to handle
    requests would not respond to HTTPS requests, when it processes HTTP
    requests
    without a problem (using the same client code that fails with the HTTPS
    request)?
    I am using WebLogic Server 6.1 w/SP1 on a Solaris 8 platform. Thanks
    for any
    advice you can give me! Rob
    "Michael Wooten" <[email protected]> wrote:
    Hi Rob,
    Check out the attached zip for "insights" into how to do this. It
    contains
    the
    code for two Web service "consumers" (that the new fangled word fora
    "client")
    and the web.xml and weblogic.xml for the RPC-style Web Service, that
    they consume.
    Hope this helps,
    Mike Wooten
    "Rob Nelson" <[email protected]> wrote:
    Hi,
    Has anyone tried (and maybe succeeded) in accessing an
    RPC-style Web Service deployed on WebLogic Server 6.1 using
    SSL? I have a Web Service deployed and am able to access it using
    JNDI
    and the
    weblogic.soap.http.SoapInitialContextFactory
    INITIAL_CONTEXT_FACTORY. However, when I try to set the
    Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
    I get a "java.net.SocketException: Unexpected end of file from
    the server" error message.
    Does the weblogic.soap.http.SoapInitialContextFactory not
    support SSL? Do I need to do the SOAP/XML messaging myself,
    without being able to make use of the WebLogic convenience
    classes? Thanks! Rob

Maybe you are looking for

  • All Speakers Suddenly Not Working!

    Everything was fine until yesterday and I didn't do anything to the phone that might have caused this. I suddenly noticed that the speakers do not work, but through the headphones music will play. I can talk to people on the phone too, just not hear

  • Where can I find the configuration profiles I installed on my iPod?

    Befores it used to be under Preferences > General >Profiles. But I can't find it in iOS 6...

  • Save error code 48

    I'm running LV in Classic on OS X 10.2 Been working great for months. Last night, LV decided it can't save my files anymore. I get the following message: "File permission error occurred. LabVIEW Save error code 48: Could not move temporary file to de

  • Home button getting stuck

    my home button has been getting stuck i have to hold it down for awhile before anything pops up on my screen.  The top button works, and i have done a soft reset it will work for a couple of min then revert back to how it was..

  • M5035MFP displays Permanent Storage Write Failed after firmware update to 48.301.7

    After updating the firmware to 48.301.7, I have two M5035MFP machines that are displaying "68 Permanent Storage Write Failed" error messages. The users can press Continue and printing will proceed normally for another 10-50 pages when the message wil