You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2016/02/16 15:06:18 UTC
[jira] [Resolved] (CXF-6777) javax.net.ssl.SSLKeyException:
Hostname verification failed on WLS 12.2.1
[ https://issues.apache.org/jira/browse/CXF-6777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-6777.
--------------------------------------
Resolution: Not A Problem
> javax.net.ssl.SSLKeyException: Hostname verification failed on WLS 12.2.1
> --------------------------------------------------------------------------
>
> Key: CXF-6777
> URL: https://issues.apache.org/jira/browse/CXF-6777
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Reporter: Sebastian Krupa
> Attachments: SR Oracle.zip
>
>
> Could you help me - i have problem with Weblogic 12.2.1 when CXF 3.1.4 dynamic client tries to invoke SSL based web services.
> I have already reported it to Oracle support - but they said that it is CXF problem not Weblogic, so here I am :) to ask you about it.
> I'm putting here reported issue(number in my oracle support SR 3-11832157061), note *2029567.1* is error that has same exception like mine by it has been fixed(Oracle says so) in WLS 12.1.3
> {panel:title=Fragments from Oracle support page|borderStyle=dashed|borderColor=#ccc|titleBGColor=#F7D6C1|bgColor=#FFFFCE}
> {color:red}We encountered a problem that is described in this note *2029567.1* in one of our application that will be launched on WLS 12.2.1. This error ocurs when dynamic Apache CXF client is invoked. Exception is like follows:{color}
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: No trust failure, validateErr=0.>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Warning> <Security> <BEA-090504> <Certificate chain received from test.osb.ibis.vip - 172.16.200.115 failed hostname verification check. Certificate contained test.osb.ibis.vip but check expected test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Hostname Verification failed for certificate with CommonName 'test.osb.ibis.vip' against hostname: test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.wrap(ByteBuffer,ByteBuffer).
> javax.net.ssl.SSLKeyException: Hostname verification failed: HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier, hostname=test.osb.ibis.vip.
> at weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
> {color:red}Excpetion from admin server log:{color}
> ==AdminServer.log===
> ####<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <osb.soa.nbp.pl> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <ff5cebf8-01ae-4b74-9b8b-cca7261fc32a-00000014> <1449485709084> <[severity-value: 128] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
> javax.net.ssl.SSLKeyException: Hostname verification failed: HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier, hostname=test.osb.ibis.vip.
> at weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
> at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:748)
> at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
> at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:611)
> at weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:515)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:98)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:77)
> at weblogic.socket.JSSESocket.startHandshake(JSSESocket.java:240)
> at weblogic.net.http.HttpsClient.New(HttpsClient.java:574)
> at weblogic.net.http.HttpsClient.New(HttpsClient.java:545)
> at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:230)
> at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:685)
> at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:41)
> at org.apache.cxf.resource.URIResolver.tryFileSystem(URIResolver.java:184)
> at org.apache.cxf.resource.URIResolver.resolve(URIResolver.java:120)
> at org.apache.cxf.resource.ExtendedURIResolver.resolve(ExtendedURIResolver.java:41)
> at org.apache.cxf.transport.TransportURIResolver.resolve(TransportURIResolver.java:150)
> at org.apache.cxf.wsdl11.CatalogWSDLLocator.getBaseInputSource(CatalogWSDLLocator.java:74)
> at org.apache.cxf.wsdl11.AbstractWrapperWSDLLocator.getBaseInputSource(AbstractWrapperWSDLLocator.java:57)
> at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:324)
> at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:315)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:238)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:163)
> at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:74)
> at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:296)
> at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:241)
> at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:234)
> at org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:189)
> at pl.nbp.view.test.RequesterBackingBean.sendRequest(RequesterBackingBean.java:129)
> at pl.nbp.view.test.RequesterBackingBean.sendXML(RequesterBackingBean.java:110)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497)
> at com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:181)
> at com.sun.el.parser.AstValue.invoke(AstValue.java:289)
> at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304)
> at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
> at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87)
> at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
> at javax.faces.component.UICommand.broadcast(UICommand.java:315)
> at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
> at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
> at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
> {panel}
> Oracle tried to make a patch but ... they retreated from it with note that is CXF error not Weblogic - so help me please to solve this issue or - if you can - confirm that this is not CXF bug but Weblogic.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)