Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

LDAPS connection from WebSphere App Server

77 views
Skip to first unread message

Karthik Venkatesh

unread,
May 3, 2005, 10:04:28 AM5/3/05
to
Hello,

I am trying to deploy an application in IBM WebSphere Application Server (WAS) that will connect to an eDirectory server and create a new user. My program works just fine when I use port 389. When I try to use SSL I get the following error

LDAPException: Unable to connect to server hostname:636 (91) Connect Error
java.net.SocketException: SSL implementation not available
........
........
........
Caused by: java.net.SocketException: SSL implementation not available
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
at com.novell.ldap.LDAPJSSESecureSocketFactory.createSocket(Unknown Source)

I am using the IBM JSSE provider
Security.addProvider(new com.ibm.jsse.IBMJSSEProvider());

// Set the protocol handler property to use SSL
System.setProperty("java.protocol.handler.pkgs", "com.ibm.net.ssl.internal.www.protocol");

I sounds simple enough. SSL implementation not available. I have the ibmjsse.jar setup the same way I have ldap.jar setup. WAS finds the ldap.jar, so I would assume it should find ibmjsse.jar as well.

I was using SUN JSSE and I had the same error. I found this document and then I changed it to IBM JSSE
http://www-1.ibm.com/support/docview.wss?rs=180&context=SSEQTP&q1=ssl&uid=swg21176563&loc=en_US&cs=utf-8&lang=en

The best part about this is that it works with SSL and everything in my development environment which is WebSphere Studio Application Developer.

I know this is really a question for IBM but I am not getting much help from there.
Thank you for your time.

Regards,
Karthik Venkatesh
Java Programmer
kven...@dss.state.la.us
p. 225.219.0561

@novell.com Susan Perrin

unread,
May 11, 2005, 3:39:58 PM5/11/05
to
Hi

The posts I've seen on this say to check for the class loader at runtime to
make sure that IBMJSSE class is actually being loaded rather than JSSE.
Also to check the java.security file to make sure that the provider you want
is listed first in the security providers section. I'm not sure but I don't
believe java.protocol.handler.pkgs is necessary. But you will want
System.setProperty("javax.net.ssl.trustStore", path) and make sure you're
updating the correct truststore with the keytool utility.

I'd ask if you can run the sample explicitly using java while setting the
classpaths to your IBMWebsphere JRE outside of the servlet so you can test
with -Djavax.net.debug=all to see what's going on...

Thank you
Susan


0 new messages