DEBUGGING SSL CONNECTIVITY BETWEEN BPEL 10.1.3.4 AND OVD 11
(Doc ID 1068042.1)
Last updated on MAY 15, 2023
Applies to:
Oracle(R) BPEL Process Manager 10g - Version 10.1.3.4 and laterInformation in this document applies to any platform.
Symptoms
Handshake between weblogic server and OVD fails. The log file has the following information recorded:
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1 Alert, length = 2
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <LDAPUtil::getJNDIContext> LDAPUtil::getJNDIContext(): Try to get JNDI Connection. Attempt number=3time begin=1267053270562
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::<init>> SSLSocketFactoryImpl:: Constructing SSLSocketFactoryImpl
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: host: prdiam.portais.local port: 7502
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: sslsocket 86411[SSL_NULL_WITH_NULL_NULL: Socket[addr=prdiam.portais.local/10.30.58.91,port=7502,localport=58401]]
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::init> SSLSocketFactoryImpl:: starting handshake
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1250210262 bytes = { 0, 109, 6, 97, 65, 247, 15, 99, 28, 104, 8, 155, 35, 16, 117, 178, 20, 163, 103, 42, 202, 40, 6, 206, 251, 176, 62, 137 }
Session ID: {}
Cipher Suites: [SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: TLSv1 Handshake, length = 53
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: SSLv2 client hello message, length = 56
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1 Alert, length = 2
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <LDAPUtil::getJNDIContext> LDAPUtil::getJNDIContext(): Try to get JNDI Connection. Attempt number=3time begin=1267053270562
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::<init>> SSLSocketFactoryImpl:: Constructing SSLSocketFactoryImpl
<2010-02-24 23:14:30,937> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: host: prdiam.portais.local port: 7502
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::createSocket> SSLSocketFactoryImpl:: sslsocket 86411[SSL_NULL_WITH_NULL_NULL: Socket[addr=prdiam.portais.local/10.30.58.91,port=7502,localport=58401]]
<2010-02-24 23:14:30,938> <DEBUG> <collaxa.cube.services> <SSLSocketFactoryImpl::init> SSLSocketFactoryImpl:: starting handshake
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1250210262 bytes = { 0, 109, 6, 97, 65, 247, 15, 99, 28, 104, 8, 155, 35, 16, 117, 178, 20, 163, 103, 42, 202, 40, 6, 206, 251, 176, 62, 137 }
Session ID: {}
Cipher Suites: [SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: TLSv1 Handshake, length = 53
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: SSLv2 client hello message, length = 56
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1 Alert, length = 2
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, handshake_failure
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', called closeSocket()
[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)', handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Changes
Further check of the log file shows the following:
SSLSocketFactoryImpl
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: /usr/java/jdk1.5.0_22/jre/lib/security/cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Fri Nov 10 00:00:00 WET 2006 until Mon Nov 10 00:00:00 WET 2031
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: /usr/java/jdk1.5.0_22/jre/lib/security/cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Fri Nov 10 00:00:00 WET 2006 until Mon Nov 10 00:00:00 WET 2031
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |