My Oracle Support Banner

DEBUGGING SSL CONNECTIVITY BETWEEN BPEL 10.1.3.4 AND OVD 11 (Doc ID 1068042.1)

Last updated on AUGUST 06, 2018

Applies to:

Oracle(R) BPEL Process Manager - Version 10.1.3.4 and later
Information in this document applies to any platform.

Symptoms

Handshake between weblogic server and OVD fails. The log file has the following information recorded:

[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1 Alert, length = 2
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <LDAPUtil::getJNDIContext> LDAPUtil::getJNDIContext(): Try to get JNDI Connection. Attempt number=3time begin=1267053270562
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::<init>> SSLSocketFactoryImpl:: Constructing SSLSocketFactoryImpl
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: host: prdiam.portais.local port: 7502
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: sslsocket 86411[SSL_NULL_WITH_NULL_NULL: Socket[addr=prdiam.portais.local/10.30.58.91,port=7502,localport=58401]]
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::init> SSLSocketFactoryImpl:: starting handshake
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1250210262 bytes = { 0, 109, 6, 97, 65, 247, 15, 99, 28, 104, 8, 155, 35, 16, 117, 178, 20, 163, 103, 42, 202, 40, 6, 206, 251, 176, 62, 137 }
Session ID: {}
Cipher Suites: [SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: TLSv1 Handshake, length = 53
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: SSLv2 client hello message, length = 56
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1 Alert, length = 2
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Changes

Further check of the log file shows the following:

SSLSocketFactoryImpl
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: /usr/java/jdk1.5.0_22/jre/lib/security/cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Fri Nov 10 00:00:00 WET 2006 until Mon Nov 10 00:00:00 WET 2031

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.