WebService approach - HTTP limitation
Hello,
This is a PI architectural question, rather than a PI development one.
One of the scenarios to be used contemplate an WebService approach but I've been told that there are some technical limitations in using this approach.
Two of them are well known and won't constitute a surprise but the third one came out of the blue. Here are the limitations:
1. payload dimension of xml messages (transport layer); (Known)
2. serialization of xml on the sender and receiver endpoints (Known)
bold3. HTTP protocol limits to 2 simultaneous connections between each pair of systems bold
I've found that HTTP 1.1.(RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1) states that, "A single-user client SHOULD NOT maintain more than 2 connections with any server or proxy", is that what they mean?
How do you understand this limitation? Have you come across this problem?
Thanks in advance,
Gonçalo Mouro Vaz
The below document gives idea about principal propagation in 7.1 and 7.0. I dont know what we have in 7.3.
I think it is possible non sap or sap inbound to sap outbound scenarios using Prinicipal Propagation. At PI inbound side any authentication mechanism is possible whereas on the PI outbound side only SAP Logon TIcket supported. This is the case for PI 7.1
Please refer this for understanding:
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/808d3048-638c-2a10-35a6-faa48e50ad59?QuickLink=index&overridelayout=true
Similar Messages
-
Error while invoking webservice throu https
Error while invoking webservice throu https://
can any one help me on this topic please:
CODE:
SOAPConnection con = null;
try{
String endpoint = "https://wks3089639:4565/Service.serviceagent/PortTypeEndpoint1";
//String endpoint = "http://wks3101999:5539/Service.serviceagent/PortTypeEndpoint1";
//String endpoint = args[0];
//String soapAction = args[1];
System.out.println("javax.net.ssl.keyStore-->"+System.getProperty("javax.net.ssl.trustStore"));
System.setProperty("javax.net.ssl.trustStore","C:/Documents and Settings/1067555/Desktop/certificates/cer.jks");
System.setProperty("javax.net.ssl.keyStore","C:/Documents and Settings/1067555/Desktop/certificates/server.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","password");
System.setProperty("javax.net.ssl.keyStorePassword","password");
// use Sun's reference implementation of a URL handler for the "https" URL protocol type.
//System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
// dynamically register sun's ssl provider
System.setProperty("security.provider","com.sun.net.ssl.internal.ssl.Provider");
//Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.out.println("javax.net.ssl.trustStore-->"+System.getProperty("javax.net.ssl.trustStore"));
System.setProperty("javax.net.debug","ssl,handshake");
SOAPConnectionFactory connectionFactory = SOAPConnectionFactory.newInstance();
con = connectionFactory.createConnection();
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage message = messageFactory.createMessage();
SOAPPart soapPart = message.getSOAPPart();
SOAPEnvelope envelope = soapPart.getEnvelope();
SOAPBody body = envelope.getBody();
// MimeHeaders headers = message.getMimeHeaders();
// headers.addHeader("SOAPAction", soapAction);
// headers.addHeader("SOAPAction", "/Service.serviceagent/PortTypeEndpoint1/Operation");
// headers.addHeader("Content-Type","text/xml");
// headers.addHeader("charset","utf-8");
MimeHeaders headers = message.getMimeHeaders();
headers.addHeader("SOAPAction", "/Service.serviceagent/PortTypeEndpoint1/sampleOperation");
headers.addHeader("Content-Type","text/xml");
headers.addHeader("charset","utf-8");
StreamSource inputmsg = new StreamSource(new FileInputStream("client.wsdl"));
soapPart.setContent(inputmsg);
System.out.println("REQUEST:\n");
message.writeTo(System.out);
System.out.println();
message.saveChanges();
SOAPMessage reply = con.call(message, new URL(endpoint));
System.out.println("RESPONSE:\n"+reply.toString());
System.out.println("Header:::"+reply.getSOAPHeader());
System.out.println("Body:::"+reply.getSOAPBody());
System.out.println("RESPONSE:\n");
TransformerFactory transformerFactory = TransformerFactory.newInstance();
Transformer transformer = transformerFactory.newTransformer();
//Extract the content of the reply
Source responseContent = reply.getSOAPPart().getContent();
//Set the output for the transformation
StreamResult result = new StreamResult(System.out);
transformer.transform(responseContent, result);
System.out.println();
}catch(Exception e){
e.printStackTrace();
finally{
con.close();
Exception:
10-Nov-2008 11:55:04 com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection post
SEVERE: SAAJ0009: Message send failed
com.sun.xml.messaging.saaj.SOAPExceptionImpl: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:127)
at com.Sample.main(Sample.java:91)
Caused by: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:121)
... 1 more
Caused by: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:325)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(HttpSOAPConnection.java:150)
... 3 more
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:282)
... 4 more
CAUSE:
java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:121)
at com.Sample.main(Sample.java:91)
Caused by: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:325)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(HttpSOAPConnection.java:150)
... 3 more
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:282)
... 4 more
CAUSE:
java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:121)
at com.Sample.main(Sample.java:91)
Caused by: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:325)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(HttpSOAPConnection.java:150)
... 3 more
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:282)
... 4 more
Edited by: javausers07 on Nov 10, 2008 11:58 AMI hope the sun forum can help for me. Lets see
-
Invoking Webservice over HTTPS
Hi all,
I'm using Weblogic 9.2 with default configuration of Keystore & SSL. The webservice client is generated using 'Clientgen' Ant task, I can invoke the webservice using http without problem, but when using https it's always rejected, basically I'm not sure what system properties to put for the client, here's my last desperate attempt:
System.setProperty("weblogic.webservice.verbose", "true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "config/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.security.SSL.TrustKeyStore", "DemoTrust");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
System.setProperty("ssl.debug", "true");
PaymentGateway service = new PaymentGateway_Impl();
PaymentGatewayPort port = service.getPaymentGatewayPort();
Stub.class.cast(port)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://192.168.56.3:7002/ws/PaymentGateway?WSDL");
Stub.class.cast(port)._setProperty(Stub.USERNAME_PROPERTY, "weblogic");
Stub.class.cast(port)._setProperty(Stub.PASSWORD_PROPERTY, "weblogic");
ISODocument isoDoc = new ISODocument();
isoDoc.setMti(new Integer(200));
port.balanceInquery(isoDoc);And here's the exception thrown in client:
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Not in server, Certicom SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE KeyAgreement: SunJCE version 1.5 for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm ECDH
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DESede/CBC/NoPadding
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm AES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RC4
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA/ECB/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL Session TTL :90000
<!-------------------- REQUEST FROM CLIENT ---------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
Headers :
Authorization: [Basic d2VibG9naWM6d2VibG9naWM=]
SOAPAction: [""]
Content-Type: [text/xml]
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><env:Header></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:balanceInquery xmlns:m="http://www.telkomsel.com/PaymentGateway"><iSODocument xmlns:n1="java:com.visitek.pgi.models" xsi:type="n1:ISODocument"><amount xsi:nil="true"></amount><audit_number href="#ID_2"></audit_number><bank_code xsi:type="xsd:string">000151</bank_code><currency_code href="#ID_2"></currency_code><data href="#ID_2"></data><encrypted_pin href="#ID_2"></encrypted_pin><expiration_date href="#ID_2"></expiration_date><institution_code href="#ID_2"></institution_code><institution_data xsi:type="xsd:string">62812006002616</institution_data><local_tracking_id xsi:type="xsd:string">080722163229082127.0.0.1:9595</local_tracking_id><mti xsi:type="xsd:int">200</mti><network_information_code xsi:type="xsd:short">0</network_information_code><original_data_element href="#ID_2"></original_data_element><pan_null_true xsi:type="xsd:string">yes</pan_null_true><pos_entry href="#ID_2"></pos_entry><primary_acc_number xsi:nil="true"></primary_acc_number><response_code href="#ID_2"></response_code><response_terminal_number href="#ID_2"></response_terminal_number><service_code xsi:type="xsd:int">6016</service_code><settlement_date href="#ID_2"></settlement_date><terminal_number href="#ID_2"></terminal_number><transaction_code xsi:type="xsd:int">380000</transaction_code><transaction_data href="#ID_2"></transaction_data><transaction_date href="#ID_2"></transaction_date><transaction_sequence href="#ID_2"></transaction_sequence><transaction_time href="#ID_2"></transaction_time><transaction_timestamp href="#ID_2"></transaction_timestamp></iSODocument></m:balanceInquery><xsd:string xsi:type="xsd:string" id="ID_2"></xsd:string></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Trusted CA keystore: config/DemoIdentity.jks
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Filtering JSSE SSLSocket
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLIOContextTable.addContext(ctx): 24864323
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLSocket will NOT be Muxing
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: write SSL_20_RECORD
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: ServerHello
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: Certificate
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Cannot complete the certificate chain: No trusted cert found
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Validating certificate 0 in the chain: Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: validationCallback: validateErr = 16
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: cert[0] = Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Warning> <Security> <BEA-090542> <Certificate chain received from 192.168.56.3 - 192.168.56.3 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Validation error = 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Certificate chain is untrusted>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <SSLTrustValidator returns: 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:153)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:367)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:705)
at java.net.URLConnection.getContentType(URLConnection.java:479)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:230)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:64)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:238)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:246)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:147)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:473)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:459)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:306)
at com.visitek.pgi.client.PaymentGatewayPort_Stub.balanceInquery(PaymentGatewayPort_Stub.java:48)
at com.visitek.test.pg.TestPGWebservice.testWebserviceSSLInvocation(TestPGWebservice.java:70)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <write ALERT, offset = 0, length = 2>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <close(): 19097823>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<!-------------------- RESPONSE TO CLIENT --------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: java.io.EOFException: Response contained no data.> I'm a total stranger to this HTTPS & SSL thing & I've googled around only to find partial answers. My plan is to use custom identity, but firstly I want to make sure that using the default works.
Any help would be greatly appreciated.
Regards,
SetyaWhy does it throw SSLKeyException: SSL handshake failure? I have printed the contents of DemoIdentity.jks and DemoTrust.jks files.Can you please find out what I need to do for it?
I added the following code ,but it did not help me to resolve this issue.
private static void callSSLService() {
System.setProperty("weblogic.webservice.verbose", "false");
System.setProperty("ssl.debug", "false");
// System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoTrust.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException:
Exception during processing: javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr-ccc.tsl.xxxx.com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure. (see Fault Detail for stacktrace)
Detail:
<detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr- com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:832)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:238)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
I executed keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: demoidentity
Creation date: 21-Jan-2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=L020658, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: -657037958f4825551ebcae3bc2a3349c
Valid from: Thu Jan 20 09:56:28 PST 2011 until: Wed Jan 21 09:56:28 PST 2026
Certificate fingerprints:
MD5: 89:30:08:A6:5F:4F:05:83:D2:1D:B4:B3:EB:B3:CF:F2
SHA1: 1D:E1:1F:93:30:64:CD:DC:C4:60:78:12:23:55:25:FF:FD:19:6A:2B
I executed keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 4 entries
Alias name: certgenca
Creation date: 22-Mar-2002
Entry type: trustedCertEntry
Owner: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 33f10648fcde0deb4199921fd64537f4
Valid from: Thu Mar 21 12:12:27 PST 2002 until: Tue Mar 22 13:12:27 PDT 2022
Certificate fingerprints:
MD5: 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
SHA1: E2:CB:88:9D:C5:09:F9:0A:AA:0D:3C:F6:75:7B:5F:1D:2B:A1:F7:F0
Alias name: wlsdemocanew2
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California,
C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:22 PST 2002 until: Mon Oct 16 13:02:22 PDT 2006
Certificate fingerprints:
MD5: 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
SHA1: 4E:FB:1D:2F:58:EA:D4:0C:FC:2A:86:91:2D:43:4F:C1:79:D0:A6:4E
Alias name: wlsdemocanew1
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=Californi
a, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:11 PST 2002 until: Mon Oct 16 13:02:11 PDT 2006
Certificate fingerprints:
MD5: A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
SHA1: 84:13:A2:63:D6:74:75:3B:25:15:6F:62:8C:18:79:87:62:5B:9A:0C
Alias name: wlscertgencab
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 234b5559d1fa0f3ff5c82bdfed032a87
Valid from: Thu Oct 24 08:54:45 PDT 2002 until: Tue Oct 25 08:54:45 PDT 2022
Certificate fingerprints:
MD5: A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FE
SHA1: F8:5D:49:A4:12:54:78:C7:BA:42:A7:14:3E:06:F5:1E:A0:D4:C6:59
******************************************* -
Problem in calling webservice using https from livecycle designer
I want to call a webservice written in .net(c#) using https from livecycle designer.I can call webservice using http ,but when i try with https it is failing.If there any special configuration have to do in server for this ?I have already put crossdomain in server.
Waiting for your reply
thank'sHow did you call from LC? Please help me out either one is fine to me http or https
Srujan -
OSB 10.3.1 : Calling externall MTOM webservice through HTTPS
Hi,
We have OSB process that calls MTOM webservice via Business Service. It's works fine over HTTP connection.
We secure the connection one-way ssl client, we imported public certificate to trusted keystore in wls.
The business service calls the webservice over https, the Webservice receive the streaming and generates file.
The problem is when the webservice returns result, the connection is froze and the wls where is the webservice generates this exception
Couldn't create SOAP message due to exception: org.jvnet.mimepull.MIMEParsingException: Missing start boundary
com.sun.xml.ws.protocol.soap.MessageCreationException: Couldn't create SOAP message due to exception: org.jvnet.mimepull.MIMEParsingException: Missing start boundary
at com.sun.xml.ws.encoding.SOAPBindingCodec.decode(SOAPBindingCodec.java:292)
at com.sun.xml.ws.transport.http.HttpAdapter.decodePacket(HttpAdapter.java:276)
at com.sun.xml.ws.transport.http.HttpAdapter.access$500(HttpAdapter.java:93)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:432)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:134)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:272)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:185)
at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:180)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3498)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: org.jvnet.mimepull.MIMEParsingException: Missing start boundary
at org.jvnet.mimepull.MIMEParser.skipPreamble(MIMEParser.java:290)
at org.jvnet.mimepull.MIMEParser.access$200(MIMEParser.java:62)
at org.jvnet.mimepull.MIMEParser$MIMEEventIterator.next(MIMEParser.java:130)
at org.jvnet.mimepull.MIMEParser$MIMEEventIterator.next(MIMEParser.java:117)
at org.jvnet.mimepull.MIMEMessage.makeProgress(MIMEMessage.java:186)
at org.jvnet.mimepull.MIMEMessage.parseAll(MIMEMessage.java:168)
at org.jvnet.mimepull.MIMEMessage.<init>(MIMEMessage.java:85)
at com.sun.xml.ws.encoding.MimeMultipartParser.<init>(MimeMultipartParser.java:88)
at com.sun.xml.ws.encoding.MimeCodec.decode(MimeCodec.java:180)
at com.sun.xml.ws.encoding.SOAPBindingCodec.decode(SOAPBindingCodec.java:279)
I tested over https the same webservice using java client WS (generated by jdeveloper) and that works fine.
Any idea
Thanks,
MarounResolved
The problem is coming from OSB it happens when Business Service invoke WS in HTTPS, BS sends twice the request the first one contains the right envelop and the second one contains in empty request.
The Oracle Support helped me to resolve the problem; we changed the QoS (Quality Of Service) to Exactly once
Maroun -
Problem in accessing webservice over https with auth cert enabled...Urgent
Hi All,
I am stuck in accessing webservices using ssl and auth certificate.
I am using jdk 6 and it is not any issue with the problem I am facing...
This is what I do...
I have a webservice deployed which is accessible over https.
On server, I run..
- to generate keystoye
keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
generate server certificate
keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
On client, i run..
To generate client keystore-
keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
To generate client certificate -
keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
import server's cer to client keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
inport client's cer to server keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
when i try to call webservices through a java client (which is called by a python script), I get error as
*"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
*"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
complete log is as following
C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=before SSL change
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=after SSL change
log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
log4j:WARN Please initialize the log4j system properly.
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
, 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
TH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 7873
*** ServerHello, TLSv1
RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
, 177, 153, 9, 235, 160, 228, 124, 191, 206}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
56749486566093981751121311864618619780132448329770352303648687445023336431685957
public exponent: 65537
Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
To: Sun Sep 21 14:17:18 GMT+05:30 2008]
Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
SerialNumber: [ 485f6316]
Algorithm: [SHA1withRSA]
Signature:
0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
<[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA>
<CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
ref. (limits liab.), O=Entrust.net>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
y ref. (limits liab.), O=Entrust.net, C=US>
<CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
<[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
lting cc, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
ncorp. by ref. limits liab., O=Entrust.net, C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
rt, Inc.", L=ValiCert Validation Network>
<CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
<OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
<OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
<CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
<CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
p. by ref. (limits liab.), O=Entrust.net>
<OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
<[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
onsulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
lting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Sonera Class1 CA, O=Sonera, C=FI>
<OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
y, ST=UT, C=US>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
<CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
ref. (limits liab.), O=Entrust.net>
<CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=Sonera Class2 CA, O=Sonera, C=FI>
<CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
*** ServerHelloDone
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
CONNECTION KEYGEN:
Client Nonce:
0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
Server Nonce:
0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
Master Secret:
0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
Client MAC write Secret:
0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
Server MAC write Secret:
0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
Client write key:
0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
Server write key:
0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
main, WRITE: TLSv1 Handshake, length = 32
main, waiting for close_notify or alert: state 1
main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Exception occured while calling Login service in callLoginWebService
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Software caused connection abort: recv failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
{http://xml.apache.org/axis/}hostname:anuj
java.net.SocketException: Software caused connection abort: recv failed
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
Caused by: java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 12 more
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Login response is null, login was not successful
Login was unsuccessful
*In apache's server.xml, My webservice is deployed as*
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
acceptCount="10" debug="0"
protocol="HTTP/1.1" SSLEnabled="true" secure="true"
maxThreads="150" scheme="https"
keystoreFile="lib/server.keystore"
keystorePass="changeit" clientAuth="true"
>
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
protocol="TLS"/>
</Connector>
Please note clientAuth="true" parameter,
when I set it to false, My test runs smoothly and no exception/issue is reported
Not to forget, my javaclient has following lines too..
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
//System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","changeit");
//System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
//System.setProperty("javax.net.ssl.keyStorePassword","changeit");
System.setProperty("javax.net.debug", "ssl");
s_log.info("after SSL change");
I tried all possible combinbations of these properties but nothing worked...
Please let me know if I am missing any required step.. here
Ask me if you want to know more details about my problem.
This is very urgent and critical.. Many thanks in advance.Hi ejp,
thanks for your reply. I did read your post in other thread that you pointed.
I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
Please let me know if you need any other info from my side regarding the code.
Thanks a Ton!
Anuj -
HTTP(S) Timeout while invoking WebService over HTTPS.
Hello,
I have some stress with my webservice client implementation.
I do the following (I can post source code if needed):
- As usual:
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- Install my TrustManager
- Install my DefaultHostnameVerifier
- Register a custom type
- Make a javax.xml.rpc.Call to access a webservice
My observations:
The code works well when using an HTTP URL, just changing the target URL to HTTPS causes the problem.
The HTTPS web service (on server) works well seeing a HTTPS client using the weblogic SSL implementation, or an AXIS client can easily connect.
When I use a simple and direct "Open HttpsURLConnection on URL("https://xxx.service?WSDL"); print-out-all-that's-coming-in", it works well. I think my SSL access is made correctly.
The client does not complain about not-installed SSL things, all certificates are accepted, etc. No problem at this part.
System.setProperty("javax.net.debug", "all") is set, but i dont see anything of interrest.
I use the packages contained in 'java_xml_pack-summer-02_01' of SUN (jaxm-1.1_01, jaxp-1.2_01,jaxr-1.0_02 etc and the jsse 1.0.3).
The server is weblogic 7.
Calling
call.setTargetEndpointAddress("http://arakis:7001/traces_ws/searchCertificate");
works well while
call.setTargetEndpointAddress("https://arakis:7002/traces_ws/searchCertificate");
causes (after 2 minutes):
HTTP transport error: java.net.SocketException: Unexpected end of file from server
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:189)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:73)
at com.sun.xml.rpc.client.dii.CallInvokerImpl.doInvoke(CallInvokerImpl.java:54)
at com.sun.xml.rpc.client.dii.BasicCall.invoke(BasicCall.java:279)
at SSLSOAPClient.main(SSLSOAPClient.java:264)
CAUSE:
java.net.SocketException: Unexpected end of file from server
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:699)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:604)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:697)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:604)
at com.sun.xml.rpc.client.http.handler.HttpURLConnection.getInputStream(HttpURLConnection.java:543)
at com.sun.xml.rpc.client.http.handler.HttpURLConnection.getResponseCode(HttpURLConnection.java:920)
at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:123)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:73)
at com.sun.xml.rpc.client.dii.CallInvokerImpl.doInvoke(CallInvokerImpl.java:54)
at com.sun.xml.rpc.client.dii.BasicCall.invoke(BasicCall.java:279)
at SSLSOAPClient.main(SSLSOAPClient.java:264)
Exception in thread "main"
What I note is that the call is using a HttpURLConnection object and NOT a HttpsURLConnection object (so problems are 'normal' i guess), but I dont have any clue what I have to do to instruct the client to use HTTPS other than specifying HTTPS in the target.
Hope someone has an idea
TashaHello,
The default timeout in Axis is 60 seconds, you can change it by your client code, and you can still keep the session to call many times
((org.apache.axis.client.Stub)service).setMaintainSession(true); //keep session
((org.apache.axis.client.Stub)service).setTimeout(60*1000*30); //half hour
Lixin -
Error when invoking webservice on https (unable to find valid certification
I have a webservice which run on https..
When I made a simple test (jsp) page on my local computer all works fine (jdeveloper 10g) ..
When I deploy the ear file to remote oc4j and run the test page I get the error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
My test page is just simple jsp page with some system parameters like this:
================
String dir = request.getRealPath("/cert");
System.getProperties().put("javax.net.ssl.keyStore", dir + "/adriatic.p12");
System.getProperties().put("javax.net.ssl.keyStorePassword", "as-p4ss");
System.getProperties().put("javax.net.ssl.keyStoreType", "PKCS12");
System.getProperties().put("javax.net.ssl.trustStore", dir + "/service.megapos.si.jks");
System.getProperties().put("javax.net.ssl.trustStorePassword", "megapos");
System.getProperties().put("javax.net.ssl.trustStoreType", "JKS");
================
why this works on windows and doesn't work on linux?
All paths to my certificare and truststore are correct.
On my local pc (windows) there is a Jdeveloper Oc4j version (10.1.2.0.2) and works fine
On linux there is a oc4j version 10.1.3.4.0 and doesn't work..
thank you for any helpPeter,
Apparently the linux jdk/jre doesn't have the ability to validate the certificate being used.
I dunno if [url http://www.java-samples.com/showtutorial.php?tutorialid=210]this might help you?
John -
Webservice with HTTPS in PI 7.1
Hello,
I am doing a scenario where the an sender application will publish the data to webservice at PI. It will use HTTPS without client authantication. I generated the WSDL from the sender agrrement and tried testing the interface using Altova. Though the URL seems correct (tested it by putting in IE), while sending SOAP request through HTTPS, I am getting an error "SOAP data cannot be sent". Any possible reason for this behaviour? I have tested the configuration in IB and it is fine.
Thanks
TusharHi,
Do you have Microsoft Infopath 2007(Bundled in Office Package),
it can also be used to check your SOAP scenario(Sender).
regards
Dragon -
Error in Webservice Call HTTP error (return code 404, message conn failed)
Hi
We wish to call a standard EP7 webservice through ABAP.
When we try to create consumer proxy , we get the following error.
HTTP error (return code 404, message "conn failed")
Message no. SPRX090
==> Display Error Document
If you want to generate a proxy for an external WSDL document by specifying a URL, check that the proxy settings of the system are correct (transaction SICF - Client - Proxy Settings). If you want to generate a proxy for an XI Repository object, check the connection to the Enterprise Services Builder as follows:
Check List for Setting Up a Connection to the Service Repository
1. The address of the Enterprise Services Repository must be known in the SAP system
Check with report SPROX_CHECK_IFR_ADDRESS
The address is taken from the following parameters in the exchange profile ('Connections' section):
com.sap.aii.connect.repository.name: Server (for example,pwdf0436)
com.sap.aii.connect.repository.httpport: Port (for example, 1080)
com.sap.aii.connect.repository.contextroot: Root (for example,rep)
The logon data is also read from the exchange profile ('ApplicationSystem' section):
com.sap.aii.applicationsystem.serviceuser.name: User
com.sap.aii.applicationsystem.serviceuser.pwd: Password
As an alternative to using the exchange profile, you can maintain the RFC destination SAP_PROXY_ESR. If this RFC destination is maintained it will be used by the proxy generation in place of data from the exchange profile to access the Service Repository. In this case, the Exchange Profile will even not be read.
The RFC destination has to be set up using transaction SM59 and should look like this:
RFC Destination: SAP_PROXY_ESR
Connection Type: G (HTTP Connection to External Serv)
Description1: ESR for Proxy Generation
Target Host: esr_host
Service No: 1080
Path Prefix: rep
Logon and Security:
Basic Authentication: active
User: esr_user
Password: esr_password
2. The HTTP Framework of the Web Application Server must function
Check with report SPROX_CHECK_HTTP_COMMUNICATION
If necessary, contact your system administrator. Please be aware of the fact, that the HTTP framework is depending on the application server. Thus the result of the report may differ for different application servers.
3. Proxy generation must interpret the data of the Enterprise Services Repository correctly
Check with report SPROX_CHECK_IFR_RESPONSE
you can also login in dev and go to Xn se91
enter msg id SPRX and msg no 090
select the message and click on long text..
you get the same message in a formatted manner..
How to get rid of this ?
Regards
RajendraHi
we have given the correct path as we have tested the webserive from
other technology (.net) by providing the same path.
regards
Rajendra -
RFC-to-SOAP webservice using HTTPS
Hi experts,
I have a RFC-to-SOAP (sync) and the URL of the webservice is using HTTPS. I'm not the owner of the webservice.
Encountered these errors
- for sender comm :
com.sap.aii.af.ra.ms.api.DeliveryException: Peer sent alert: Alert Fatal: illegal parameter
- receiver comm :
Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Peer sent alert: Alert Fatal: illegal parameter: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter
We are not using certificate authentication so I don't think that's the cause.
Have checked that the https is running ok for ABAP but I don't think that got anything to do with the errors. Is there something wrong with SSL setting for J2EE? If yes, how may I check?
Are there some parameters to be set up? In the RFC sender comm & SOAP receiver comm, I do not find any special settings for https.
I have read this link : http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm. Is it necessary to set the Exchange Profile Parameters? My BASIS colleague is now checking it.
Thanks for reading and will appreciate any advice!Thanks Prateek for the quick reply!
Re HTTPS certificate, do you mean the cert for my XI server or the cert from the web service?
I have tested calling the web service using SOAPUI and it works fine without using the cert given by the web service (which is expired anyway)... -
SOAP Adapter: Content Type Issue in WebServices via HTTP
Hi,
I have configured a Receiver SOAP adapter. When i had to test the message i had an HTTP 415 error.
i found that the sender SOAP adpater that received this message is not capable of handling Content-Type: Application/XML i.e. which is being transmitted by the Receiver SOAP Adapter.
Please let me know how to configure in the Receiver SOAP adapter so that the HTTP Content-Type would be TEXT/XML instead of Application/XML .
Thanks in Advance,
VenkateshHi Michal,
I have created a Web service for a RFC function Module. The webservice is available in SOAMANAGER.
It got activated also . But whenever I tried to test, I am getting the below error,
"Message Envelope not found. Probably Empty SOAP message"
Request:
POST /sap/bc/srt/rfc/sap/yotci_i015_linkp8sap/100/yotci_i015_linkp8sap/yotci_i015_linkp8sap HTTP/1.1
Host: sapkrftewd01.krft.net:8030
Content-Type: text/xml; charset=UTF-8
Connection: close
Authorization: <value is hidden>
Content-Length: 657
SOAPAction: ""
<?xml version="1.0" encoding="UTF-8" ?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema"><SOAP-ENV:Header><sapsess:Session xmlns:sapsess="http://www.sap.com/webas/630/soap/features/session/"><enableSession>true</enableSession></sapsess:Session></SOAP-ENV:Header><SOAP-ENV:Body><ns1:YotciI015Linkp8sap xmlns:ns1='urn:sap-com:document:sap:soap:functions:mc-style'><IvParam1>POD</IvParam1><IvParam2>00006095</IvParam2><IvParam3>01/14/2009</IvParam3><IvParam4>PDF</IvParam4></ns1:YotciI015Linkp8sap></SOAP-ENV:Body></SOAP-ENV:Envelope>
Response:
HTTP/1.1 500 Message E 1S 406 cannot be processed in plugin mode HTTP
content-type: text/xml; charset=utf-8
content-length: 0
accept: text/xml
sap-srt_id: 20090224/141936/v1.00_final_6.40/49A4677A2D0736EDE10000000A3597E9
server: SAP Web Application Server (1.0;700)
Is this because of "do not use SOAP envelope" check?
I didn't check this check box.
If that is the error could you please tell me how to see the "do not use SOAP envelope"?
Where can I find SOAP channel?
I am very new to SOAP concept.
One JAVA application is going to invoke this Webservice from SAP.
Please help me.
Thanks,
Bala. -
Webservice with HTTP authentication
Hi,
how do i supply the userid an password for a http authenticated webservice. I already choose the option for http authentication on the security tab on the logical port.
Alos tried to find it in the Visual Admin to the server but i am stuck.
Greetings Danny.There are two ways to do this
<b>Option 1: Hard code the Username/Password</b>
For this, use the method _setUser and _setPassword.
These are methods for your model class Request_<WebService>_PortType.... (the model class for the webservice). I invoked these methods in the wdDoInit method of the component controller class.
For example, i imported the WSDL for the RFC SXMB_GET_MESSAGE_LIST and used it like this:
Request_SXMB_GET_MESSAGE_LISTPortType_SXMB_GET_MESSAGE_LIST oRequest =
new Request_SXMB_GET_MESSAGE_LISTPortType_SXMB_GET_MESSAGE_LIST();
oRequest._setUser("bcuser");
oRequest._setPassword("password");
<b>Option 2: Use HTTP Destinations</b>
Open Visual Administrator and goto node Services, Destination Service. Create a HTTP destination with the URL of the webservice, maybe choose basic authentication and give the username / password. Now, you could use this HTTP destination in the component controller class. Even though there is a method _setHTTPDestinationName, this did not work for me. I had to write the following code to retrieve the URL, username, password from the HTTP destination
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import java.net.HttpURLConnection;
InitialContext ctx ;
Object obj;
DestinationService dstService;
Destination destination;
HTTPDestination httpDestination ;
HttpURLConnection httpurlconnection = null;
Properties destprop = null;
String url = "";
String username = "";
String password = "";
ctx = new InitialContext();
obj = ctx.lookup(DestinationService.JNDI_KEY);
dstService = (DestinationService) obj;
destination = dstService.getDestination("HTTP","NC_IS");
destprop = destination.getDestinationProperties();
httpDestination = (HTTPDestination) destination;
url = httpDestination.getUrl();
username = destprop.getProperty("USERNAME");
password = destprop.getProperty("PASSWORD");
(I know the java code sucks and the purists will hang me; nevertheless it works)
Besides the code, you need to do the following as well:
(1) In the Package explorer, select your project, right click, cick on "Set Additional Libraries.."
(2) Select security.class and tc/sec/destinations/interface
(3) Click on menu Project > Properties, goto Webdynpro refereces node in the tree and add the following
(a) Interface References: tcsecdestinations~interface
(b) Service References: tcsecdestinations~service
All the best, try option 1 first before you embark on the second one.
Regards, Parag. -
Generating Webservice using HTTPS in XI.
Hi Experts,
I have generated webservice in XI using http , and i have tested using infopath soap client, its working fine. I have generated webservice in XI using htpps using the same scenario, when i am testing using infopath as soap client and tested, its giving error, request is not hitting the XI system at all. do i need to configure any certificate in infopath or in XI server, please can anyone advice. i have configured HPPTS without client authentication in SOAP adapter.
Thanks,
DhanushHi Experts,
I am not able to get exact answer after reading the sap.help.com, sap notes.
My scenario is RFC < ---> SOAP ( webservice) , i have generated webservice with the HTTPS and secured port of XI, When i copy and past in IE browser, its showing status is OK, but request is not hitting the XI system. what are things to be taken care at soap client and XI server side, do i need to install any certificats at client side or server side. please advice me.
Thanks,
Siva -
Is it possible to call a SOAP webservice using HTTP POST adapter
Hello Experts,
Is it possible to call a webservice using a HTTP adapter with POST method? If yes, how?
Regards,
DipteeNo this will not work since you have additional SOAP information (i.e. SOAP envelope, security information) in addition to the payload. If you need a simple HTTP-Post for example, then you don't need SOAP, you can use the more simple http protocol without the additional features of SOAP.
Also refer to this link for differences: Difference b/w SOAP and HTTP
Maybe you are looking for
-
2lis_02_scl extract records with wrong posting date for Good Receipts.
Hi Experts, We are currently having issue of mismatch between BW Schedule Line data with R/3 values for the Goods Receipts posting date updating incorrectly in to BW. Example. In table EKBE purchase order history we have following records. MANDT EBEL
-
Sometimes they are there when I reopen my iPad, even without Internet access. Other times I get the message that the page can't be found because I don't have Internet access.
-
Hi All. I have a query here w.r.t snowflake dim in OBIEE I have a Fact table and 3 dimension tables The joins are something like this DimB --> Fact A Dim C --> Fact A Dim D -->Dim B here Dim B is snowflake to Dim D In physical layer we have joins thi
-
[exec] ORA-12705: Cannot access NLS data files or invalid environment specified
Hi all, We have an app running ok on WinXP, But if run on Win7 it gets error: [exec] Caused by: java.sql.SQLException: ORA-00604: error occurred at recur sive SQL level 1 [exec] ORA-12705: Cannot access NLS data files or invalid environment
-
Updating Lightswitch Apps to Target Framework 4.6
When Framework 4.6 launches will we be able to upgrade or migrate our projects to target dotNET framework 4.6 or will we need to rebuild our solutions?