WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE - Websphere

This is a discussion on WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE - Websphere ; Hi All I have a WPS Express 6.1 (underlying WAS ND 6.1.0.15 + EJB3.0 6.1.0.15)on say “MachineWPS” and a separate WAS 6.1.0.13+ EJB3.0 6.1.0.13 in “MachineWAS” Machine 1 is used for Portal server. Machine 2 has my EJB 3.0 code ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE

  1. WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE

    Hi All



    I have a WPS Express 6.1 (underlying WAS ND 6.1.0.15 + EJB3.0 6.1.0.15)on say “MachineWPS” and a separate WAS 6.1.0.13+ EJB3.0 6.1.0.13 in “MachineWAS”



    Machine 1 is used for Portal server.



    Machine 2 has my EJB 3.0 code and other stuff.



    I need to make EJB client call from MachineWPS to MachineWAS.



    prop.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.W snInitialContextFactory" );

    prop.put(Context.PROVIDER_URL,"iiop://192.168.1.65:2809" ) ;

    Context ctx;

    try { ctx = new InitialContext(prop);

    PrintWriter pw=response.getWriter();

    pw.println (ctx.getEnvironment());



    java.lang.Object obj = ctx.lookup("ejb/JPAEJBEARRemote/JPAEJB.jar/CreditorBean#com.dk.bs.ejb.CreditorI nterface");



    pw.println(obj.toString());



    CreditorInterface credInterface = (CreditorInterface)PortableRemoteObject.narrow(obj ,CreditorInterface.class);

    Creditor objCreditor = new Creditor(new Integer(1160), new Double(1),

    new String("work"), new Date(), new Date(),

    new Date(), "test", new Date());



    pw.println(credInterface.toString());

    credInterface.addCreditor(objCreditor);

    pw.println("Creditor Done");



    } catch (NamingException e)

    { e.printStackTrace();

    }


    I am getting a SSL Handshake error.



    7/25/08 10:55:34:767 IST 00000044 SystemOut O CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=192.168.1.65, O=IBM, C=US" was sent from target hostort "null:null". The signer may need to be added to local trust store "C:/IBM/WebSphere/wp_profile/config/cells/INFPW02136/nodes/INFPW02136/trust.p12 " located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "No trusted certificate found".

    7/25/08 10:55:34:767 IST 00000044 SystemOut O

    7/25/08 10:55:34:814 IST 00000044 ServiceLogger I com.ibm.ws.ffdc.IncidentStreamImpl initialize FFDC0009I: FFDC opened incident stream file C:\IBM\WebSphere\wp_profile\logs\ffdc\WebSphere_Po rtal_00000044_08.07.25_10.55. 34_0.txt

    7/25/08 10:55:34:845 IST 00000044 ServiceLogger I com.ibm.ws.ffdc.IncidentStreamImpl resetIncidentStream FFDC0010I: FFDC closed incident stream file C:\IBM\WebSphere\wp_profile\logs\ffdc\WebSphere_Po rtal_00000044_08.07.25_10.55. 34_0.txt

    7/25/08 10:55:34:908 IST 00000044 ORBRas E com.ibm.ws.security.orbssl.WSSSLClientSocketFactor yImpl createSSLSocket WebContainer : 4 JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security. Reason: com.ibm.jsse2.util.h: No trusted certificate found javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found

    at com.ibm.jsse2.n.a(n.java:39)

    at com.ibm.jsse2.jc.a(jc.java:188)

    at com.ibm.jsse2.db.a(db.java:134)

    at com.ibm.jsse2.db.a(db.java:328)

    at com.ibm.jsse2.eb.a(eb.java:4)

    at com.ibm.jsse2.eb.a(eb.java:287)

    at com.ibm.jsse2.db.m(db.java:208)

    at com.ibm.jsse2.db.a(db.java:259)

    at com.ibm.jsse2.jc.a(jc.java:271)

    at com.ibm.jsse2.jc.g(jc.java:403)

    at com.ibm.jsse2.jc.a(jc.java:21)

    at com.ibm.jsse2.jc.startHandshake(jc.java:228)

    at com.ibm.ws.security.orbssl.WSSSLClientSocketFactor yImpl.createSSLSocket(WSSSLCl ientSocketFactoryImpl.java:420)

    at com.ibm.ws.orbimpl.transport.WSSSLTransportConnect ion.createSocket(WSSSLTranspo rtConnection.java:228)

    at com.ibm.ws.orbimpl.transport.WSSSLTransportConnect ion.createSocket(WSSSLTranspo rtConnection.java:306)

    at com.ibm.CORBA.transport.TransportConnectionBase.co nnect(TransportConnectionBase .java:356)

    at com.ibm.ws.orbimpl.transport.WSTransport$1.run(WST ransport.java:495)

    at com.ibm.ws.security.util.AccessController.doPrivil eged(AccessController.java:11 8)

    at com.ibm.ws.orbimpl.transport.WSTransport.getConnec tion(WSTransport.java:492)

    at com.ibm.CORBA.transport.TransportBase.getConnectio n(TransportBase.java:187)

    at com.ibm.rmi.iiop.TransportManager.get(TransportMan ager.java:88)

    at com.ibm.rmi.iiop.GIOPImpl.getConnection(GIOPImpl.j ava:118)

    at com.ibm.rmi.iiop.GIOPImpl.locate(GIOPImpl.java:193 )

    at com.ibm.rmi.corba.ClientDelegate.locate(ClientDele gate.java:1944)

    at com.ibm.rmi.corba.ClientDelegate._createRequest(Cl ientDelegate.java:1969)

    at com.ibm.rmi.corba.ClientDelegate.createRequest(Cli entDelegate.java:1151)

    at com.ibm.rmi.corba.ClientDelegate.createRequest(Cli entDelegate.java:1248)

    at com.ibm.CORBA.iiop.ClientDelegate.createRequest(Cl ientDelegate.java:1322)

    at com.ibm.rmi.corba.ClientDelegate.createRequest(Cli entDelegate.java:1127)

    at com.ibm.CORBA.iiop.ClientDelegate.createRequest(Cl ientDelegate.java:1288)

    at com.ibm.rmi.corba.ClientDelegate.request(ClientDel egate.java:1847)

    at com.ibm.CORBA.iiop.ClientDelegate.request(ClientDe legate.java:1244)

    at org.omg.CORBA.portable.ObjectImpl._request(ObjectI mpl.java:458)

    at com.ibm.WsnBootstrap._WsnNameServiceStub.getProper ties(_WsnNameServiceStub.java :38)

    at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnN SProperties(WsnInitCtxFactory .java:1367)

    at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootCo ntextFromServer(WsnInitCtxFac tory.java:922)

    at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootJn diContext(WsnInitCtxFactory.j ava:846)

    at com.ibm.ws.naming.util.WsnInitCtxFactory.getInitia lContextInternal(WsnInitCtxFa ctory.java:531)

    at com.ibm.ws.naming.util.WsnInitCtx.getContext(WsnIn itCtx.java:117)

    at com.ibm.ws.naming.util.WsnInitCtx.getContextIfNull (WsnInitCtx.java:712)

    at com.ibm.ws.naming.util.WsnInitCtx.getEnvironment(W snInitCtx.java:677)

    at javax.naming.InitialContext.getEnvironment(Initial Context.java:500)

    at com.lti.bsonline.CreditorMB.getPageName(CreditorMB .java:97)

    at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method)

    at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:79)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.ja va:43)

    at java.lang.reflect.Method.invoke(Method.java:618)

    at com.sun.faces.el.MethodBindingImpl.invoke(MethodBi ndingImpl.java:127)

    at com.sun.faces.application.ActionListenerImpl.proce ssAction(ActionListenerImpl.j ava:73)

    at javax.faces.component.UICommand.broadcast(UIComman d.java:312)

    at javax.faces.component.UIViewRoot.broadcastEvents(U IViewRoot.java:302)

    at javax.faces.component.UIViewRoot.processApplicatio n(UIViewRoot.java:419)

    at com.sun.faces.lifecycle.InvokeApplicationPhase.exe cute(InvokeApplicationPhase.j ava:77)

    at com.sun.faces.lifecycle.LifecycleImpl.phase(Lifecy cleImpl.java:220)

    at com.sun.faces.lifecycle.LifecycleImpl.execute(Life cycleImpl.java:91)

    at com.ibm.faces.portlet.FacesPortlet.processAction(F acesPortlet.java:158)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletFi lterChainImpl.doFilter(Portle tFilterChainImpl.java:77)

    at com.ibm.wps.propertybroker.standard.filter.Propert yBrokerActionFilter.doFilter( PropertyBrokerActionFilter.java:731)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletFi lterChainImpl.doFilter(Portle tFilterChainImpl.java:69)

    at com.ibm.wps.propertybroker.standard.filter.C2APort letFilter.doFilter(C2APortlet Filter.java:168)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletFi lterChainImpl.doFilter(Portle tFilterChainImpl.java:69)

    at com.ibm.wps.engine.dpr.portlet.impl.ProcessActionM emoFilter.doFilter(ProcessAct ionMemoFilter.java:88)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletFi lterChainImpl.doFilter(Portle tFilterChainImpl.java:69)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvlet.doDispatch(PortletServl et.java:527)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(PortletServletCollaboratorChainImpl.j ava:114)

    at com.ibm.isclite.container.collaborator.PortletServ letCollaborator.doAction(Port letServletCollaborator.java:56)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(PortletServletCollaboratorChainImpl.j ava:101)

    at com.ibm.ws.portletcontainer.rrd.RRDServerPortletSe rvletCollaborator.doAction(RR DServerPortletServletCollaborator.java:117)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(PortletServletCollaboratorChainImpl.j ava:101)

    at com.ibm.ws.portletcontainer.cache.CacheCollaborato r.doAction(CacheCollaborator. java:84)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(PortletServletCollaboratorChainImpl.j ava:101)

    at com.ibm.wps.pe.pc.waspc.core.impl.PortletServletCo llaboratorImpl.doAction(Portl etServletCollaboratorImpl.java:146)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(PortletServletCollaboratorChainImpl.j ava:101)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvlet.doDispatch(PortletServl et.java:301)

    at com.ibm.ws.portletcontainer.invoker.impl.PortletSe rvletCollaboratorChainImpl.do Collaborator(P




    Can someone please guide me with how to configure these machines for a SSL handshake?

  2. Re: WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE

    Ravi Hariharan wrote:
    > Hi All
    >
    >
    >
    > I have a WPS Express 6.1 (underlying WAS ND 6.1.0.15 + EJB3.0 6.1.0.15)on say “MachineWPS” and a separate WAS 6.1.0.13+ EJB3.0 6.1.0.13 in “MachineWAS”
    >
    >
    >
    > Machine 1 is used for Portal server.
    >
    >
    >
    > Machine 2 has my EJB 3.0 code and other stuff.
    >
    >
    >
    > I need to make EJB client call from MachineWPS to MachineWAS.
    >


    >
    >
    > Can someone please guide me with how to configure these machines for a SSL handshake?


    This seesms fairly self-explanatory:

    "The signer may need to be added to local trust store"

    You need to add the signing certificate from the client (Portal) to the
    WAS trust store that is in use for this particular SSL repertoire.

  3. Re: WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE

    thanks for reply.
    Can u pls let me know the steps to configure portal to WAS trust store

  4. Re: WPS 6.1 EJB Call - SSL HANDSHAKE FAILURE

    i have configured the SSL but now i am getting the following error.


    NMSV0610I: A NamingException is being thrown from a
    javax.naming.Context implementation. Details follow:
    Context implementation: com.ibm.ws.naming.jndicos.CNContextImpl
    Context method: lookupExt
    Context name: infpw02428Node01Cell/nodes/infpw02428Node01/servers/
    server1
    Target name: ejb/JPAEJBEAR/JPAEJB.jar/
    CreditorBean#com.dk.bs.ejb.CreditorInterface
    Other data: ""
    Exception stack trace: javax.naming.NoPermissionException:
    NO_PERMISSION exception caught [Root exception is
    org.omg.CORBA.NO_PERMISSION: JSAS0202E: [{0}] Credential token
    expired. {1} vmcid: 0x49424000 minor code: 306 completed: No]

    if u have any any material a link to me..

    thanks

+ Reply to Thread