Logs from the IBM HTTP Server shows 'mod_ibm_ssl: SSL Handshake Failed, I/O error
during handshake.'
What could be the problem ???
Below are the details obtained from -Dssl.debug :
Dec 22, 2003 4:17:53 PM SGT Debug TLS Weblogic license
allows domestic
Dec 22, 2003 4:17:54 PM SGT Debug TLS clientInfo settings
applied
Dec 22, 2003 4:17:54 PM SGT Debug TLS Filtering JSSE
SSLSocket
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLIOContextTable.addContext(ctx):
3331057
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLSocket will
be Muxing
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLIOContextTable.findContext(is):
7905855
Dec 22, 2003 4:17:54 PM SGT Debug TLS write SSL_20_RECORD
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS isMuxerActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS 804797 readRecord()
Dec 22, 2003 4:17:54 PM SGT Debug TLS 804797 received
HANDSHAKE
Dec 22, 2003 4:17:54 PM SGT Debug TLS HANDSHAKEMESSAGE:
ServerHello
Dec 22, 2003 4:17:54 PM SGT Debug TLS HANDSHAKEMESSAGE:
Certificate
Dec 22, 2003 4:17:54 PM SGT Debug TLS performing hostname
validation checks: s01secsvr
Dec 22, 2003 4:17:54 PM SGT Debug TLS validationCallback:
validateErr = 0
Dec 22, 2003 4:17:54 PM SGT Debug TLS cert[0] = [
[
Version: V3
Subject: CN=s01secsvr,
O=DBS, C=SG
Signature Algorithm:
MD5withRSA, OID = 1.2.840.113549.1.1.
4
Key: com.sun.rsajca.JSA_RSAPublicKey@39cd2a
Validity: [From:
Wed Dec 10 11:31:32 SGT 2003,
To: Fri Dec 10 11:31:32 SGT 2004]
Issuer: CN=s01secsvr,
O=DBS, C=SG
SerialNumber:
[ 3fd7e514 ]
]
Algorithm: [MD5withRSA]
Signature:
0000: 7A DC CC
9F 16 CA A1 1C B6 3F EE 0B A6 DA 9E 70 z..
......?.....p
0010: FA 52 F8
69 EA 4C E1 D5 2D 1B 6A A0 08 3D F5 C3 .R.
i.L..-.j..=..
0020: 0D 17 64
13 32 6E 2B FF 41 B5 27 27 88 D0 92 9B ..d
.2n+.A.''....
0030: 04 81 89
C1 10 E6 F0 3D BF F3 0C FA CE FC 3B FC ...
....=......;.
0040: 7D 8A 1D
61 D9 EF 9A 4C 49 F5 4E 85 3D C0 17 F3 ...
a...LI.N.=...
0050: 86 D8 F6
B9 4B DE 1A 4D 18 FE 98 AC 83 CD 14 4A ...
.K..M.......J
0060: 65 ED 1A
33 8B 32 20 3A F3 1D 33 7D 6F A6 29 B6 e..
3.2 :..3.o.).
0070: E9 B0 4B
AB 57 AB 39 5B 5F A7 90 A0 CB BC 2B 49 ..K
.W.9[_.....+I
]
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLTrustValidator
returns: 0
Dec 22, 2003 4:17:54 PM SGT Debug TLS Trust status (0):
NONE
Dec 22, 2003 4:17:54 PM SGT Debug TLS HANDSHAKEMESSAGE:
ServerHelloDone
Dec 22, 2003 4:17:54 PM SGT Debug TLS write HANDSHAKE
offset = 0 length = 132
Dec 22, 2003 4:17:54 PM SGT Debug TLS write CHANGE_CIPHER_SPEC
offset = 0 length = 1
Dec 22, 2003 4:17:54 PM SGT Debug TLS write HANDSHAKE
offset = 0 length = 40
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS isMuxerActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS 804797 readRecord()
Dec 22, 2003 4:17:54 PM SGT Debug TLS 804797 received
CHANGE_CIPHER_SPEC
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS isMuxerActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLFilter.isActivated:
false
Dec 22, 2003 4:17:54 PM SGT Debug TLS 804797 readRecord()
Dec 22, 2003 4:17:54 PM SGT Debug TLS NEW ALERT: com.certicom.tls.record.alert.Alert@4c85e6
Severi
ty: 2 Type: 20
java.lang.Exception: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:237)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:67)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:125)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:121)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:97)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:284)
at com.dbs.security.client.PluggableClientWLS.getToken(PluggableClientWLS.java)
at com.dbs.applications.air.generic.AIRSecurityManager.getAccessToken(AIRSecurityManager.java:79)
at com.dbs.applications.air.bam.UIController.processRequest(UIController.java:114)
at com.dbs.applications.air.bam.UIController.doGet(UIController.java:58)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1058)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:401)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:306)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:5412)
at weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManager.java:744)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3086)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2544)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)
Dec 22, 2003 4:17:54 PM SGT Debug TLS write ALERT offset
= 0 length = 2
Dec 22, 2003 4:17:54 PM SGT Debug TLS close(): 804797
Dec 22, 2003 4:17:54 PM SGT Debug TLS SSLIOContextTable.removeContext(ctx):
3331057
Pavel.