[weblogic@prg-dev sslclient]$ java -Dweblogic.security.SSL.hostnameVerifier=examples.security.sslclient.NulledHostnameVerifier
examples.security.sslclient.SSLClient wls www.handspring.com 80 443 /images/pixel.gif
----
JDK Protocol Handlers and Security Providers:
java.protocol.handler.pkgs - weblogic.net
provider[0] - SUN - SUN (DSA key/parameter generation; DSA signing; SHA-1,
MD5 digests; SecureRandom; X.509 certificates; JKS keystore)
provider[1] - SunJSSE - Sun JSSE provider(implements RSA Signatures, PKCS12,
SunX509 key/trust factories, SSLv3, TLSv1)
provider[2] - SunRsaSign - SUN's provider for RSA signatures
WLS client classes -
http://www.handspring.com:80/images/pixel.gif
200 -- OK
sun.awt.image.URLImageSource
https://www.handspring.com:443/images/pixel.gif
Nonexportable ciphersuite requestedjava.io.IOException: Nonexportable ciphersuite
requested
at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:336)
at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:217)
at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:170)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:45)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:134)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:85)
at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:34)
at weblogic.net.http.HttpClient.New(HttpClient.java:119)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:97)
at examples.security.sslclient.SSLClient.tryConnection(SSLClient.java:157)
at examples.security.sslclient.SSLClient.wlsURLConnect(SSLClient.java:279)
at examples.security.sslclient.SSLClient.main(SSLClient.java:104)
Looks like JSSE is defaulting to mandatory 128 bit strong encryption while your
WLS server doesn't have strong encryption
enabled (this requires a separate license in WLS 6.0 and a
separate distribution in WLS 5.1)
You'll probably have to go through the process of generating
an export-strength key pair for your JSSE example (use keytool)
- alternativly upgrade to the 128 bit version of WLS.
Rory Chisholm
I've been able to use the JSSE previously, but I'd really like to use the Weblogic
libraries as JSSE has a "feature" that requires 15-30 seconds to initialize the
Random number seeder. This is not an acceptable level of performance for us. I
was able to install my own seeder to use with JSSE, but I consider it a major
hack. That is why I wish to use the "cleaner" Weblogic libraries.
Rich
thx.