You need to sign in to do that
Don't have an account?
javax.net.ssl.SSLHandshakeException -- SSL HANDSHAKE FAILURE
I built web app with partner wsdl 19.0 to connect to Force.com
App server: IBM WAS6, jre: 1.4.2 It works fine.
But after WAS6 upgrates to WAS7, and I changed the jre to 1.6. It has exceptions below:
I would really appreciate it if anyone could give me any clue?
Best Regards,
Atlantis
==========================================================
[8/4/10 15:47:25:861 CST] 00000029 servlet I com.ibm.ws.webcontainer.servlet.ServletWrapper init SRVE0242I: [FileStorageEAR] [/file] [FilterProxyServlet]: Initialization successful.
[8/4/10 15:47:25:891 CST] 00000029 servlet I com.ibm.ws.webcontainer.servlet.ServletWrapper init SRVE0242I: [FileStorageEAR] [/file] [AuthSvlt]: Initialization successful.
[8/4/10 15:47:31:790 CST] 00000029 WSX509TrustMa E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=*.cs0.force.com, EMAILADDRESS=networkengineering@salesforce.com, OU=Applications, O="Salesforce.com, Inc.", L=San Francisco, ST=California, C=US" was sent from target host:port "c.cs2.visual.force.com:443". The signer may need to be added to local trust store "C:/Program Files/IBM/SDP/runtimes/base_v7/profiles/was70profile1/config/cells/FTD0098Node02Cell/nodes/FTD0098Node02/trust.p12" located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension".
[8/4/10 11:22:13:239 CST] 0000002c SystemErr R AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
at com.ibm.jsse2.n.a(n.java:42)
at com.ibm.jsse2.sc.a(sc.java:277)
at com.ibm.jsse2.gb.a(gb.java:354)
at com.ibm.jsse2.gb.a(gb.java:292)
at com.ibm.jsse2.hb.a(hb.java:118)
at com.ibm.jsse2.hb.a(hb.java:162)
at com.ibm.jsse2.gb.n(gb.java:262)
at com.ibm.jsse2.gb.a(gb.java:177)
at com.ibm.jsse2.sc.a(sc.java:71)
at com.ibm.jsse2.sc.g(sc.java:167)
at com.ibm.jsse2.sc.a(sc.java:357)
at com.ibm.jsse2.sc.startHandshake(sc.java:97)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.sforce.soap.partner.SoapBindingStub.getUserInfo(SoapBindingStub.java:3633)
at com.fidelity.bean.InteractWithSf.verify(InteractWithSf.java:41)
at com.fidelity.svlt.AuthSvlt.doPost(AuthSvlt.java:67)
at com.fidelity.svlt.AuthSvlt.doGet(AuthSvlt.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:718)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1595)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:104)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:932)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:500)
at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:178)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:341)
at com.ibm.ws.webcontainer.servlet.FilterProxyServlet.dispatch(FilterProxyServlet.java:88)
at com.ibm.ws.webcontainer.servlet.FilterProxyServlet.service(FilterProxyServlet.java:62)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1595)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:104)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:997)
at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.invokeFilters(DefaultExtensionProcessor.java:985)
at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:682)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3826)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:455)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:384)
at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1550)
Caused by: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
at com.ibm.jsse2.util.e.b(e.java:78)
at com.ibm.jsse2.util.e.b(e.java:45)
at com.ibm.jsse2.util.d.a(d.java:12)
at com.ibm.jsse2.gc.a(gc.java:15)
at com.ibm.jsse2.gc.checkServerTrusted(gc.java:48)
at com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509TrustManager.java:358)
at com.ibm.jsse2.hb.a(hb.java:116)
... 61 more
Caused by: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
at com.ibm.security.cert.PKIXCertPathBuilderImpl.createCASelector(PKIXCertPathBuilderImpl.java:705)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:594)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(PKIXCertPathBuilderImpl.java:357)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:258)
at com.ibm.jsse2.util.e.b(e.java:51)
... 67 more
{http://xml.apache.org/axis/}hostname:FTD0098
Finally , i found a solution to fix it
I got a certificate from browser and import it into WAS7.
To find how to import cert into was7, refer to link
http://www.hostmultiplesites.com/googlewebsphere.html
Dont forget to restart was.
Anybody who wanna know the reason why was7 doesnt work, refer to
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/csec_sslsecinstallclientsignret.html
OK, now it works.
Also, thanks zg and simon's reply again.
Regards,
Atlantis
All Answers
[continued]
[8/4/10 11:22:13:239 CST] 0000002c SystemErr R javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.Call.invoke(Call.java:2767)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.Call.invoke(Call.java:2443)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.Call.invoke(Call.java:2366)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at org.apache.axis.client.Call.invoke(Call.java:1812)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.sforce.soap.partner.SoapBindingStub.getUserInfo(SoapBindingStub.java:3633)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.fidelity.bean.InteractWithSf.verify(InteractWithSf.java:41)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.fidelity.svlt.AuthSvlt.doPost(AuthSvlt.java:67)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.fidelity.svlt.AuthSvlt.doGet(AuthSvlt.java:51)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at javax.servlet.http.HttpServlet.service(HttpServlet.java:718)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1595)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:104)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:932)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:500)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:178)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:341)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.FilterProxyServlet.dispatch(FilterProxyServlet.java:88)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.FilterProxyServlet.service(FilterProxyServlet.java:62)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1595)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:104)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:997)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.invokeFilters(DefaultExtensionProcessor.java:985)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:682)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3826)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186)
[8/4/10 11:22:13:249 CST] 0000002c SystemErr R at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:455)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:384)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1550)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R Caused by: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.n.a(n.java:42)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.sc.a(sc.java:277)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gb.a(gb.java:354)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gb.a(gb.java:292)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.hb.a(hb.java:118)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.hb.a(hb.java:162)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gb.n(gb.java:262)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gb.a(gb.java:177)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.sc.a(sc.java:71)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.sc.g(sc.java:167)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.sc.a(sc.java:357)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.sc.startHandshake(sc.java:97)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R ... 50 more
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R Caused by: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.util.e.b(e.java:78)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.util.e.b(e.java:45)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.util.d.a(d.java:12)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gc.a(gc.java:15)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.gc.checkServerTrusted(gc.java:48)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509TrustManager.java:358)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.hb.a(hb.java:116)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R ... 61 more
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R Caused by: java.security.cert.CertPathBuilderException: invalid certificate, key identifier is missing from authority key identifier extension
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.security.cert.PKIXCertPathBuilderImpl.createCASelector(PKIXCertPathBuilderImpl.java:705)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:594)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(PKIXCertPathBuilderImpl.java:357)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:258)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R at com.ibm.jsse2.util.e.b(e.java:51)
[8/4/10 11:22:13:259 CST] 0000002c SystemErr R ... 67 more
BTW, the Axis version I used is 1.4
Hi, Atlantis
Take follow tips as references.
1), Please make sure the certificates in your trust store(trust.p12) are not expired.
2), The security provider --IBMJSSE2 is used. Is the same security provider used both after and before upgrade?
Thanks
zg
Hi zg,
Thank you for your reply.
1. I am not sure if I got the correct certificate. I can find two ways to get it.
Is there any other way to find available cert?
I test client cert and self-signed cert which will expire in 2011, but it doesnt work. I can see that the two cert's signer are not the one mentioned in the error msg.
2. both was6 and was 7 use IBMJSSE2.
In all, i think there are two questions i am facing.
1. did i get correct cert?
2. was the was7 configured correctly? (including import cert etc)
zg, what do you think?
Thanks
The client certs downloadable from the app are not related to SSL connections to salesforce (no client cert is needed for that). Its possible that your JSSE setup is missing the root certificate that the main saleforce certificate is signed with.
Hi Simon,
Thanks for your reply.
I am not familiar with this kind of JSSE setup, but I would appreciate it if you could tell me how to do it with screen shot?
Or show the other resources I can find.
Thank you and best regards,
Atlantis
Sorry, I've got no idea, from what i've seen the ibm library is nothing but trouble, not sure why you'd want to use it over the default implementation in the JDK.
Hi Simon,
I dont understand your statement.
"not sure why you'd want to use it over the default implementation in the JDK."
I didnt do anything in java.
Could you explain it more detailed?
Thanks
Atlantis
The JDK comes with a built-in implementation of the SSL support, something in your environment is overriding it to use the IBM JSEE library instead. (which is ultimately then generating the error you see)
Finally , i found a solution to fix it
I got a certificate from browser and import it into WAS7.
To find how to import cert into was7, refer to link
http://www.hostmultiplesites.com/googlewebsphere.html
Dont forget to restart was.
Anybody who wanna know the reason why was7 doesnt work, refer to
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/csec_sslsecinstallclientsignret.html
OK, now it works.
Also, thanks zg and simon's reply again.
Regards,
Atlantis