why handshake failure

[Yan Zhou]

Hi,

I tried to use WebLogic's SSL implementation (by following BEA's doc.) for
client to invoke a secure web service on a weblogic server. There is Apache
server in front of the weblogic cluster and the communication between apache
and weblogic server is HTTP (not HTTPS).

I got the following error on my client. (I am running Weblogic 8.1) I am not
sure what security parameters it is talking about...

Any suggestions?
Thanks.

Yan

<bea_fault:stacktrace
xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">
</bea_fault:stacktrace>javax.net.ssl.SSLHandshakeException: FATAL
Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an
acceptable set of security parameters.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown
Source)
at
com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertReceived(Unknown
Source)
at com.certicom.tls.record.alert.AlertHandler.handle(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown
Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
Source)
at
com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.net.ssl.HttpsClient.doHandshake(Unknown Source)
at com.certicom.net.ssl.internal.HttpURLConnection.getInputStream(Unknown
Source)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at
weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientB
inding.java:214)
at
weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.
java:63)
at
weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.ja
va:184)
at
weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:214)
at
weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:131
)
at
weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:439)
at
weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:425)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:275)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:250)

[Srini Karlrekar]

Hi, I am running into a similar issue and getting the Handshake failure exception.
I am using the following system properties

java.protocol.handler.pkgs=com.certicom.net.ssl
weblogic.webservice.client.ssl.adapterclass=weblogic.webservice.client.JSSEAdapter
weblogic.webservice.client.ssl.strictcertchecking=false
weblogic.security.SSL.ignoreHostnameVerification=true

Any pointers in the right direction will be appreciated.

The exception is as follows:

javax.net.ssl.SSLHandshakeException: FATAL Alert:HANDSHAKE_FAILURE - The handsha
ke handler was unable to negotiate an acceptable set of security parameters.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknow
n Source)

at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknow
n Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMes
sage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMes
sages(Unknown Source)

at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(U