堆栈内存溢出
  简体   繁体   English

HTTPS上的Weblogic服务器SSL问题

[英]Weblogic servers SSL issue on HTTPS

 原文  2014-04-24 03:47:45       java/ https/ ssl-certificate/ keystore/ weblogic-10.x

问题描述

I'm using weblogic 10.3.6 and I've deployed application A and B into the same box but different server instance. 我使用的是weblogic 10.3.6,并且已将应用程序A和B部署到同一框中,但服务器实例不同。

Both servers are choosing 'Client Certs Not Requested' for the two way client cert behavior in SSL configurations. 两台服务器都为SSL配置中的双向客户端证书行为选择了“未请求客户端证书”。

Everytime we restart the servers, it was working fine on the same day. 每次我们重新启动服务器时,它在同一天运行良好。 However from the next day onward, I am getting the following error when application A try to invoke a https server request to application B. 但是从第二天开始,当应用程序A尝试向应用程序B调用https服务器请求时,出现以下错误。

Weblogic server log trace: Weblogic服务器日志跟踪: 

    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 455813> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will  be Muxing> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <20666515 SSL Version 2 with no padding> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 SSL3/TLS MAC> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 received SSL_20_RECORD> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHelloV2> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 58> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 4809> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 4> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 SSL3/TLS MAC> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 received ALERT> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 46
    java.lang.Exception: New alert stack
        at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
        at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
        at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
        at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
        at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
        at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
        at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
        at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
        at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
        at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    > 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <Alert received from peer, notifying peer we received it: com.certicom.tls.record.alert.Alert@925980> 
    <Apr 15, 2014 10:32:34 AM SGT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from serverB- 192.168.1.XXX. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <close(): 20666515> 
    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <close(): 20666515>

1 个解决方案

解决方案1
 0  2014-04-24 07:19:11

do you use apache proxy (mod_weblogic), or you direct requests directly to weblogic server. 您使用apache代理(mod_weblogic),还是将请求直接定向到weblogic服务器。 If second option is true, you have to make sure you have proper certificates on server. 如果第二个选项为true,则必须确保服务器上具有正确的证书。 All must be valid. 全部必须有效。

Also try to check/uncheck "Use JSSE SSL": 也尝试检查/取消选中“使用JSSE SSL”: 

Domain -> Servers -> choose managed node -> Configuration -> SSL -> Advanced -> Use JSSE SSL

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 代号一中的HTTPS(SSL)连接问题 - HTTPS (SSL) connections issue in Codename One 部署到Weblogic受管服务器 - Deploying to Weblogic Managed Servers HTTPS GET请求的SSL证书问题,而不是HTTPS POST请求的SSL证书问题 - SSL Certificate Issue for HTTPS GET request and not for HTTPS POST request Weblogic上的SSL连接错误 - SSL Connection error on Weblogic CXF + SSL + WebLogic 9.10 - CXF + SSL + WebLogic 9.10 通过https SSL配置在2个不同服务器(jboss中的app1和app2-tomcat)中的Java应用之间的通信 - Communication between Java apps on 2 different servers(app1 in jboss and app2-tomcat) with https SSL configuration 无法从Weblogic访问HTTPS - Cannot access HTTPS from Weblogic https servlet调用和weblogic配置 - https servlet call and weblogic configuration 如何在Weblogic上启用群集服务器的JMX?(不是Weblogic AdminServer本身) - How to enable the JMX of cluster servers on Weblogic?(not the Weblogic AdminServer itself) 是否可以在Java中创建Weblogic服务器实例进行测试? - Is it possible to create weblogic servers instances in java for testing?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM