Pavel.
When running my Java client (JMS publisher) to connect to the WebLogic server, I'm giving the command line option Dweblogic.security.SSL.hostnameVerifier=myHostNameVerifier
but I'm getting the following error.
<NEW ALERT: com.certicom.tls.record.alert.Alert@b1074a Severity: 2 Type: 42
java.lang.Exception: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:216)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
at java.io.DataOutputStream.flush(DataOutputStream.java:101)
at weblogic.rjvm.t3.T3JVMConnection.connect(T3JVMConnection.java:262)
at weblogic.rjvm.t3.T3SJVMConnection.createConnection(T3SJVMConnection.java:83)
at weblogic.rjvm.Protocol.createConnection(Protocol.java:231)
at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1192)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:347)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:279)
at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:217)
at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:175)
at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:196)
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:162)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:262)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:323)
at weblogic.jndi.Environment.getContext(Environment.java:154)
at weblogic.jndi.Environment.getInitialContext(Environment.java:137)
at TopicSend.getInitialContext(TopicSend.java:217)
at TopicSend.main(TopicSend.java:126)
>
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
at java.io.DataOutputStream.flush(DataOutputStream.java:101)
at weblogic.rjvm.t3.T3JVMConnection.connect(T3JVMConnection.java:262)
at weblogic.rjvm.t3.T3SJVMConnection.createConnection(T3SJVMConnection.java:83)
at weblogic.rjvm.Protocol.createConnection(Protocol.java:231)
at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1192)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:347)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:279)
at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:217)
at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:175)
at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:196)
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:162)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:262)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:323)
at weblogic.jndi.Environment.getContext(Environment.java:154)
at weblogic.jndi.Environment.getInitialContext(Environment.java:137)
at TopicSend.getInitialContext(TopicSend.java:217)
at TopicSend.main(TopicSend.java:126)
Any inputs on this?
Thanks
shiv
Pavel.
The Java client works perfectly with -Dweblogic.security.SSL.ignoreHostnameVerify=true.
It is failing when performing hostname validation.
I tried with the following command too.
java -cp C:\bea\weblogic700\server\lib\weblogic.jar -Dweblogic.security.SSL.HostnameVerifier=myHostNameVerifier -Dweblogic.security.SSL.trustedCAKeyStore=C:\bea\weblogic700\server\lib\cacerts -Dweblogic.security.TrustKeyStore=DemoTrust -Dssl.debug=true -Dssl.debug=true -Dweblogic.StdoutDebugEnabled=true weblogic.Admin -url t3s://nt20884:7002 -username system -password weblogic PING 5
But the error in both cases (Java client and PING) is the same.
Here I'm attaching the traces (partial):
<Jan 4, 2004 10:35:04 AM GMT+05:30> <Debug> <TLS> <000000> <clientInfo has old style certificate and key>
<Jan 4, 2004 10:35:04 AM GMT+05:30> <Debug> <TLS> <000000> <client identity added>
<Jan 4, 2004 10:35:04 AM GMT+05:30> <Debug> <TLS> <000000> <Adding legacy expected name>
<Jan 4, 2004 10:35:04 AM GMT+05:30> <Debug> <TLS> <000000> <clientInfo settings applied>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <Filtering JSSE SSLSocket>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.addContext(ctx): 902782>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable INITIALIZED>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLSocket will NOT be Muxing>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLIOContextTable.findContext(is): 6460907>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <write SSL_20_RECORD>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <2550265 readRecord()>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <2550265 received HANDSHAKE>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: ServerHello>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivated: false>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <2550265 readRecord()>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <2550265 received HANDSHAKE>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: Certificate>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <performing hostname validation checks: nt20884.xxxxxxx.com>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <Server Certificate SubjectDN CommonName received (weblogic.bea.com) does not match Server hostname (nt20884.xxxxxxx.com)>
<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.record.alert.Alert@49b290 Severity: 2 Type: 42
Thanks
Shiv
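The TLS debug trace in the post above already names the cause: a hostname-validation line followed by an alert with Severity 2, Type 42. The following triage script is an added example, not part of the thread or of WebLogic; it pairs each alert with the preceding CN/hostname mismatch and decodes the alert numbers per RFC 5246. The function name `triage`, the sample lines and the host `app01.example.test` are constructed for illustration.

```python
import re

# TLS alert levels and selected alert descriptions (RFC 5246, section 7.2).
ALERT_LEVEL = {1: "warning", 2: "fatal"}
ALERT_DESC = {40: "handshake_failure", 42: "bad_certificate",
              43: "unsupported_certificate", 44: "certificate_revoked",
              45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca"}

# Line formats taken from the debug trace quoted in the post.
MISMATCH = re.compile(r"CommonName received \((?P<cn>[^)]+)\) does not match "
                      r"Server hostname \((?P<host>[^)]+)\)")
ALERT = re.compile(r"NEW ALERT: .*?Severity: (?P<sev>\d+) Type: (?P<type>\d+)")


def triage(lines):
    """Return one finding per alert, paired with the latest CN/hostname mismatch."""
    findings, mismatch = [], None
    for line in lines:
        m = MISMATCH.search(line)
        if m:
            mismatch = (m.group("cn"), m.group("host"))
            continue
        a = ALERT.search(line)
        if a:
            sev, typ = int(a.group("sev")), int(a.group("type"))
            findings.append({
                "level": ALERT_LEVEL.get(sev, f"unknown({sev})"),
                "alert": ALERT_DESC.get(typ, f"unknown({typ})"),
                "cert_cn": mismatch[0] if mismatch else None,
                "expected_host": mismatch[1] if mismatch else None,
                # An alert with no mismatch line before it has some other cause.
                "cause": "hostname mismatch" if mismatch else "not shown in trace",
            })
            mismatch = None  # a mismatch explains only the alert that follows it
    return findings


# Constructed sample in the trace's format (placeholder host, not the poster's).
SAMPLE = [
    "<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <performing hostname validation checks: app01.example.test>",
    "<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <Server Certificate SubjectDN CommonName received (weblogic.bea.com) does not match Server hostname (app01.example.test)>",
    "<Jan 4, 2004 10:35:05 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.record.alert.Alert@0 Severity: 2 Type: 42",
    "<Jan 4, 2004 10:36:10 AM GMT+05:30> <Debug> <TLS> <000000> <NEW ALERT: com.certicom.tls.record.alert.Alert@1 Severity: 2 Type: 48",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
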
Pavel.