IBY Call (Authorizations) Fails With SSL HANDSHAKE FAILED if SSL Call Is Extended To External Webservers (Doc ID 1452767.1)

Last updated on AUGUST 01, 2016

Applies to:

Oracle Payments - Version 12.1.3 to 12.1.3 [Release 12.1]
Information in this document applies to any platform.

Symptoms

Authorizations fail when weblogic server is used. Unable to make an Outbound SSL call from a R12 IBY servlet [A code shipped with IBY Software which is on deployed on E-Business] to Weblogic Server(WLS 10.3.5).

 

Failing with the below error:

[Oct 25, 2011 10:09:50 AM
BST]:1319533790624:-1:-1:ausvmqtcdevap02.us.xxx.com:xx.xx.xx.xx:oacore.defa
ult_group.2:672996895:-1:-1:ANONYMOUS(-1):-1:Thread[AJPRequestHandler-HTTPThr
eadGroup-10,5,HTTPThreadGroup]:1319533766:xx.xxx.xx.xx:5997:0:2127:EXCEPTION:
[iby.net.NetUtils.writeHttpPost]:java.io.IOException:
javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
at oracle.security.ssl.OracleSSLSocketImpl.startHandshake(Unknown Source)
at oracle.apps.iby.net.NetUtils.openURLSocket(NetUtils.java:515)
at oracle.apps.iby.net.NetUtils.writeHttpPost(NetUtils.java:177)
at
oracle.apps.iby.net.DeliveryEnvelopeFunction.transmit(DeliveryEnvelopeFunctio
n.java:173)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.
java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.apps.iby.engine.CodePoint.invokeJava(CodePoint.java:250)
at oracle.apps.iby.engine.CodePoint.invoke(CodePoint.java:199)
at oracle.apps.iby.engine.TransmitConfig.transmit(TransmitConfig.java:289)
at oracle.apps.iby.engine.TransmitConfig.transmit(TransmitConfig.java:208)
at oracle.apps.iby.payment.proc.BatchCCPayment.pay(BatchCCPayment.java:306)
at oracle.apps.iby.payment.OraPmtRisk.oraPmtReqRisk(OraPmtRisk.java:183)
at oracle.apps.iby.ecapp.PmtECApp.oraPmtReq(PmtECApp.java:866)
at
oracle.apps.iby.ecapp.PaymentServiceImpl.oraPmtReq(PaymentServiceImpl.java:43
6)
at oracle.apps.iby.ecservlet.AuthService.service(AuthService.java:403)
at oracle.apps.iby.ecservlet.ECServlet.doPost(ECServlet.java:326)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.jav
a:64)
at
oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:
26)
at
com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.jav
a:15)
at
oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:31
8)
at
com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispat
cher.java:642)
at
com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequ
estDispatcher.java:391)
at
com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandl
er.java:908)
at
com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler
.java:458)
at
com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:313)
at
com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:199)
at
oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketRead
Handler.java:260)
at
oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAc
ceptHandler.java:234)
at
oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHa
ndler.java:29)
at
oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSo
cketAcceptHandler.java:879)
at
com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableRes
ourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:662)

 

Details:

- This uses NetUtils package which internally uses "oracle.security.ssl" API to attempt to do an SSL handshake with a remote site.

- If NetUtils package is changed to use Java SSL, then the HandShake happens without any issues.

- Users are able to make outbound SSL calls for NON-Weblogic hosts using the same code.

- Users are also able to connect using the same code with Oracle Application Server 10gR3.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms