aspose file tools*
The moose likes BEA/Weblogic and the fly likes What do I do about SSLExceptions? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "What do I do about SSLExceptions?" Watch "What do I do about SSLExceptions?" New topic
Author

What do I do about SSLExceptions?

Dave Alvarado
Ranch Hand

Joined: Jul 02, 2008
Posts: 436
Hi,

I'm using WebLogic 9.2.2 on Solaris and trying to connect to an EJB service from my client using https. While I have confirmed the EJB is running on the remote machine, upon trying to connect from the WebLogic container, I get the exception

javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from orma4 - 147.191.71.16 was not trusted causing SSL handshake failure.

(complete stack trace below). How do I begin to debug this problem? What do I need to configure on the remote machine in order to make the secure connection successfully?

Thanks, - Dave



weblogic.application.ModuleException: [HTTP:101216]Servlet: "HistoryInitServlet" failed to preload on startup in Web application: "nps_history_gui.war".

Error: Client Delegate Exception in queryApplicationConfig Error: Error: Exception while creating the Initial Context for URL=t3s://orma3:7020,orma4:7020. The Exception is:Error: Exception while creating the Initial Context. The Exception is:javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://orma3,orma4:7020: Destination unreachable; nested exception is:

javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from orma4 - 147.191.71.16 was not trusted causing SSL handshake failure.; No available router to destination]Error: Error: Exception while creating the Initial Context for URL=t3s://orma3:7020,orma4:7020. The Exception is:Error: Exception while creating the Initial Context. The Exception is:javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://orma3,orma4:7020: Destination unreachable; nested exception is:

javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from orma4 - 147.191.71.16 was not trusted causing SSL handshake failure.; No available router to destination]

at com.comcast.nps.config.client.NPSConfigClientDelegate.queryApplicationConfig(NPSConfigClientDelegate.java:209)

at com.comcast.nps_history.utils.NPSHistoryUIPropertiesMgr.readParameters(NPSHistoryUIPropertiesMgr.java:31)

at com.comcast.nps_history.utils.NPSHistoryUIPropertiesMgr.<init>(NPSHistoryUIPropertiesMgr.java:23)

at com.comcast.nps_history.utils.NPSHistoryUIPropertiesMgr.getInstance(NPSHistoryUIPropertiesMgr.java:78)

at com.comcast.nps_history.servlets.HistoryInitServlet.init(HistoryInitServlet.java:18)

at javax.servlet.GenericServlet.init(GenericServlet.java:256)

at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:278)

at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)

at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64)

at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)

at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)

at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:507)

at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1715)

at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1692)

at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1612)

at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:2750)

at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:889)

at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:333)

at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)

at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)

at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)

at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)

at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)

at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)

at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)

at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)

at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:26)

at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)

at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)

at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)

at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:154)

at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)

at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:566)

at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:136)

at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:104)

at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:320)

at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:815)

at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1222)

at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:433)

at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:161)

at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:181)

at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:12)

at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:67)

at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)

at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)

at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8927
    
    9

Do you have an SSL certificate set up? There's hints for debugging SSL on that page too.


"blabbing like a narcissistic fool with a superiority complex" ~ N.A.
[How To Ask Questions On JavaRanch]
Nate Davidoff
Greenhorn

Joined: Jan 25, 2011
Posts: 1
Dave,

Make sure the parameters you are passing like https, host, port, query string in your client method match the certificate that you have installed on your server. During the initial attempt to connect and create the ssl connection there is a handshake between the server and client where your SSL cert. public keys are exchanged and then verified by passing the data encrypted with the public key and then the data is decrypted with your clients or server's private key. If during the initial hanshake when this connection is being established one of the sides does not have a valid cert configured this will fail. Also note a secure random number is passed during the sllcontext.init() before a socket is created, this is created by default if one is not passed but sometimes creates a delay in the sll connection on the server side if it wasn't configured..

When debugging anything you can start with checking the top of your stacktrace for exceptions and then googling what those exceptions mean. Also try to follow the code through the stack trace to see if any assumptions that you have made about variables being set or null are not false. Check that all of your database and server connections are setup correctly and the keystore and certificates are correctly installed. Try putting print statements in likely places where the code is failing to pinpoint the exact place that the code generates the exception. Although the stacktrace also usually provides line numbers if these are not hitting in the wrong spots they can be helpful.

Good luck.

-Nate


Citi FMS Operations & Management
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: What do I do about SSLExceptions?