Not Able To Send Outbound XML Docs Using Client Authentication
(Doc ID 382657.1)
Last updated on AUGUST 07, 2024
Applies to:
Oracle XML Gateway - Version 11.5.9 to 11.5.9 [Release 11.5]Information in this document applies to any platform.
Symptoms
- SSL handshake issues arise with OXTA communicating with a 3rd Party supplier through XML hub. This was working before and stopped working when the verisign certificate was changed on the E-business site (not at the 3rd party vendor site).
The issue is got while doing client side OXTA authentication.(covered in <Note 286842.1> Enabling Client Authentication in Oracle Transport Agent (OTA) for Oracle Applications 11i).
Client site authentication is turned ON by setting the following parameters in xmlsvc.properties: - -DOXTAOutSSLServerPrivateKeyFile
- -DOASSLCACertFile
- -DOXTAOutSSLServerCertFile
- -DOXTAOutSSLServerSigningCACertFile
- -DOXTAOutSSLServerPrivateKeyPassword
When these are set, the following error messages are seen in the outbound XML messages log:
OXTA:Wed Jun 14 20:16:51 EDT 2006 :SSLConnection: SSL Exception :javax.net.ssl.SSLException: Certificate chain set to ssl context failed javax.net.ssl.SSLException: Certificate chain set to ssl context failed
at oracle.security.ssl.OracleSSLSocketImpl.setCertificate(Native Method)
at oracle.security.ssl.OracleSSLSocketImpl.setSSLCredentials(OracleSSLSocketImpl.java)
at oracle.security.ssl.OracleSSLSocketImpl.startHandshake(OracleSSLSocketImpl.java)
at oracle.apps.ecx.oxta.SSLConnection.getSSLConnection(SSLConnection.java:153)
at oracle.apps.ecx.oxta.SystemProperties.getSSLConnection(SystemProperties.java:475)
at oracle.apps.ecx.oxta.HTTPSTransportSender.getConnection(HTTPSTransportSender.java:40)
at oracle.apps.ecx.oxta.HTTPSTransportSender.getConn(HTTPSTransportSender.java:32)
at oracle.apps.ecx.oxta.HTTPTransportSender.run(HTTPTransportSender.java:170)
OXTA:Wed Jun 14 20:16:51 EDT 2006 :HTTPTransportSender: Exiting.
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Before retrying Checking the Code :31
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Before retrying Checking the MAX Attempt :5
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Before retrying Checking the Current Attempt :2
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Needs Retransport (based on ResultCode alone without considering attempt number)
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Result Code after evaluating resend :31
OXTA:Wed Jun 14 20:16:51 EDT 2006 :TransportHandler: Message need resend.Re-enqueuing. Currently attempt 3
OXTA:Wed Jun 14 20:16:51 EDT 2006 :ECXOutQueue: enQueue in process, delay = 300
OXTA:Wed Jun 14 20:16:51 EDT 2006 :ECXOutQueue: Message enqueued successfully.
OXTA:Wed Jun 14 20:16:51 EDT 2006 :SystemProperties: updating OXTALogMessageOXTA:Wed Jun 14 20:16:51 EDT 2006 : (ERROR) SystemProperties:Returning US text for the message code --- ECX_OXTA_SSLHANDSHAKE_FAILURE
Changes
The change which triggered this issue was that verisign certificate had expired and had to be renewed on the E-business site for the customer.
Before verisign certificate had expired, sending outbound XML messages (Orders, PO acknolwdgements etc) was working fine.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
Learned the following from Verisign customer support: |
This is what was done to resolve this issue: |
References |