WLS 10.3.3 SSL: NullPointerException Due to Limitation in Validation for Certificates notBefore and notAfter Year Values (Doc ID 1176433.1)

Last updated on NOVEMBER 05, 2016

Applies to:

Oracle Service Bus - Version 10.3.1 to 11.1.1.5.0 [Release AS10gR3 to 11g]
Oracle WebLogic Server - Version 9.2 to 10.3.5
Information in this document applies to any platform.

Symptoms

During a SSL-Handshake a WebLogic-Server Client is throwing a java.lang.NullPointerException
while validating the date. This appears only after activating the SSL debug...

<Feb 27, 2010 2:39:39 AM IST> <Debug> <SecuritySSL> <BEA-000000> <Exception during handshake, stack trace follows
java.lang.NullPointerException
at com.certicom.security.cert.internal.x509.X509V3CertImpl.checkValidity(Unknown Source)


At this stage it is checking whether the Server Certificate is already valid or still valid so the corresponding Exceptions are expected in case something is not OK with the Date-range of the Server Certificate.
For example if the Certificate is valid till the year 2009 the client must throw the Exception that the Certificate has expired.
In this use case, the certificate was valid from 2009 till the year about 4000.
In another use case the certificate had a valid date-range from 1969 till 2020 causing the same NullPointerException.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms