Security error in Weblogic - Weblogic

This is a discussion on Security error in Weblogic - Weblogic ; Configured security with the following message ore> icate()> ly loaded> ANAGER)> d CAs from TrustedCAFile: cacert512.pem> , 1 certs> tenThread.Default" listening on port 7002> Thread.Default" listening on port 7001> ic Admin Server "myserver" for domain "mydomain" running in Production Mode> ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Security error in Weblogic

  1. Security error in Weblogic

    Configured security with the following message

    <000000>
    ore>

    <000000>
    icate()>

    <000000>
    ly loaded>

    <000000>
    ANAGER)>

    <000000>
    d CAs from TrustedCAFile: cacert512.pem>

    <000000>
    , 1 certs>

    <000000>


    <000354>
    tenThread.Default" listening on port 7002>

    <000354>
    Thread.Default" listening on port 7001>

    <000329>
    ic Admin Server "myserver" for domain "mydomain" running in Production Mode>

    <000365>
    hanged to RUNNING>

    <000360>
    in RUNNING mode>

    https://localhost:7002

    gives this error

    <000000> <4998018 readRecord()>

    <000000> <4998018 received CHANGE_CI

    PHER_SPEC>

    <000000>
    s.record.alert.Alert@103ad6 Severity: 1 Type: 0

    java.lang.Throwable: Stack trace

    at weblogic.security.utils.SSLSetup.debug(SSLSetup.ja va:241)

    at com.certicom.tls.record.alert.Alert.(Unknown Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c loseWriteHandler(Un

    known Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c lose(Unknown Source

    )

    at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)

    at weblogic.t3.srvr.ListenThread.rejectCatastrophe(Li stenThread.java:436

    )

    at weblogic.t3.srvr.SSLListenThread$1.execute(SSLList enThread.java:419)

    at weblogic.kernel.ExecuteThread.execute(ExecuteThrea d.java:251)

    at weblogic.kernel.ExecuteThread.run(ExecuteThread.ja va:219)

    >


    <000000>
    s.record.alert.Alert@3bdbbd Severity: 2 Type: 70

    java.lang.Throwable: Stack trace

    at weblogic.security.utils.SSLSetup.debug(SSLSetup.ja va:241)

    at com.certicom.tls.record.alert.Alert.(Unknown Source)

    at com.certicom.tls.record.handshake.HandshakeHandler .handleVersion2Hand

    shakeMessages(Unknown Source)

    at com.certicom.tls.record.ReadHandler.interpretConte nt(Unknown Source)

    at com.certicom.tls.record.ReadHandler.readRecord(Unk nown Source)

    at com.certicom.tls.record.ReadHandler.readUntilHands hakeComplete(Unknow

    n Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c ompleteHandshake(Un

    known Source)

    at com.certicom.net.ssl.CerticomContextWrapper.forceH andshakeOnAcceptedS

    ocket(Unknown Source)

    at weblogic.t3.srvr.SSLListenThread$1.execute(SSLList enThread.java:399)

    at weblogic.kernel.ExecuteThread.execute(ExecuteThrea d.java:251)

    at weblogic.kernel.ExecuteThread.run(ExecuteThread.ja va:219)

    >


    <000000>
    gth = 2>

    <000000>

    <000000>
    ntext(ctx): 3199646>

    <000802>
    java.lang.IndexOutOfBoundsException

    java.lang.IndexOutOfBoundsException

    at java.io.ByteArrayInputStream.read(ByteArrayInputSt ream.java:164)

    at com.certicom.tls.record.Util.readFully(Unknown Source)

    at com.certicom.tls.record.Util.readFully(Unknown Source)

    at com.certicom.tls.record.Util.readBytesLength24(Unk nown Source)

    at com.certicom.tls.record.handshake.HandshakeMessage .create(Unknown Sou

    rce)

    at com.certicom.tls.record.handshake.HandshakeHandler .handleHandshakeMes

    sages(Unknown Source)

    at com.certicom.tls.record.ReadHandler.interpretConte nt(Unknown Source)

    at com.certicom.tls.record.ReadHandler.readRecord(Unk nown Source)

    at com.certicom.tls.record.ReadHandler.readUntilHands hakeComplete(Unknow

    n Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c ompleteHandshake(Un

    known Source)

    at com.certicom.tls.record.ReadHandler.read(Unknown Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c loseWriteHandler(Un

    known Source)

    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c lose(Unknown Source

    )

    at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)

    at weblogic.t3.srvr.ListenThread.rejectCatastrophe(Li stenThread.java:436

    )

    at weblogic.t3.srvr.SSLListenThread$1.execute(SSLList enThread.java:419)

    at weblogic.kernel.ExecuteThread.execute(ExecuteThrea d.java:251)

    at weblogic.kernel.ExecuteThread.run(ExecuteThread.ja va:219)

  2. Re: Security error in Weblogic

    Is there anything unusual with your SSL configuration? Maybe JRE has some non-default JCE providers installed?

    Pavel.

  3. Re: Security error in Weblogic

    Hi

    I am getting the same errors. I am using weblogic 8.1 sp2 on solaris 9. I am using the SSL cert that comes with the bea installation. The https access will work if I restart the weblogic server. However, after a few hours, the https access will hang and the following error messages appear in the log. Any help will be appreciated. Thanks.

    regards
    Beng Hee

    java.lang.IndexOutOfBoundsException.
    java.lang.IndexOutOfBoundsException
    at java.io.ByteArrayInputStream.read(ByteArrayInputSt ream.java:159)
    at com.certicom.tls.record.Util.readFully(Unknown Source)
    at com.certicom.tls.record.Util.readFully(Unknown Source)
    at com.certicom.tls.record.Util.readBytesLength24(Unk nown Source)
    at com.certicom.tls.record.handshake.HandshakeMessage .create(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler .handleHandshakeMessages(Unknown Source)
    at com.certicom.tls.record.ReadHandler.interpretConte nt(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unk nown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHands hakeComplete(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.c ompleteHandshake(Unknown Source)
    at com.certicom.net.ssl.CerticomContextWrapper.forceH andshakeOnAcceptedSocket(Unknown Source)
    at weblogic.t3.srvr.SSLListenThread$1.execute(SSLList enThread.java:514)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThrea d.java:197)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.ja va:170)

  4. Re: Security error in Weblogic

    The server in this case is trying to read SSL record, and it looks like it is not receiving the complete record. Could it be that the client stopped writing in the middle of an ssl record? Are you saying after some time all the ssl connections are failing like this, even from different clients? Does your server configuration envolve some non-default jce providers?

    Pavel.

  5. Re: Security error in Weblogic

    Yes. After a restart, https access from MS internet explorer or mozilla from RedHat will be fine. But after a few hours, the https access will hung.
    Fortunately, BEA support has managed to resolve this problem. BEA support said that I am using DES ciphers and ask me to change the SSL entry in my config.xml to Ciphersuites="TLS_RSA_EXPORT_WITH_RC4_40_MD5". I do not have the https hanging issue after that.
    Thanks you for your help.

+ Reply to Thread