Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Configure WLS 7.0 with JSSE

4 views
Skip to first unread message

jhu

unread,
Jan 9, 2003, 8:42:45 PM1/9/03
to
Hi,

I am trying to configure WebLogic 7.0 on Windows to work with JSSE since I
have a servlet which needs to create an outbound URL connection to an
outside SSL web server.

Here are the steps I took to configure the JSSE:
1) Copy the three JSSE 1.0.3_01 jar files to C:\bea\jdk131_02\jre\lib\ext

2) Add the following Java options to startWebLogic.cmd:

-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Djavax.n
et.ssl.trustStore=C:\bea\weblogic700\server\lib\cacerts -Dweblogic.security.
SSL.ignoreHostnameVerification=true

3) Add this permission to weblogic.policy:

permission java.util.PropertyPermission "java.protocol.handler.pkgs", "read,
write";

4) Add the self-signed web server cert to
C:\bea\weblogic700\server\lib\cacerts

After those steps, I always get the following error mesage when servlet
trying to create the url connection:

FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to
negotiate an acceptable set of security parameters.
javax.net.ssl.SSLHandshakeException: FATAL Alert:HANDSHAKE_FAILURE - The
handshake handler was unable to negotiate an acceptable set of security
parameters.
at at
com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown
Source)
at
com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertReceived(Unknown
Source)
at com.certicom.tls.record.alert.AlertHandler.handle(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown
Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
Source)
at
com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:72)
at java.io.BufferedOutputStream.write(BufferedOutputStream.java:85)
at weblogic.net.http.HttpOutputStream.write(HttpOutputStream.java:16)
at weblogic.net.http.HttpOutputStream.print(HttpOutputStream.java:30)
at weblogic.net.http.MessageHeader.print(MessageHeader.java:49)
at
weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:96)
at
weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:28
6)
........

Did I miss anything? What else do I need to change?

Thanks in advance,

Jun


kirann

unread,
Jan 15, 2003, 4:29:49 PM1/15/03
to
hi,
If you are using as a standalone client you need to put jSSE classes in
the classpath and you can remove WLS classes from the classpath..
if you are trying to make this work with SERVLET/JSP(from server) you need
to specify the explict handler
in the URLconnection constructor..


thanks
kiran
"jhu" <jhu...@hotmail.com> wrote in message
news:pypT9.18371$u1K....@news02.bloor.is.net.cable.rogers.com...

0 new messages