Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
241 views
in Technique[技术] by (71.8m points)

java - Cannot access HTTPS from Weblogic

I have a problem with Weblogic accessing an HTTPS server, I can access other HTTPS urls, like google or microsoft. The code that tries to connect to the url is:

URL url = new URL("https://myserver.com");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.setRequestProperty("User-Agent", "Mozilla/5.0");

// fails here
responseCode = connection.getResponseCode();

I get the following stack trace:

java.io.IOException: Connection closed, EOF detected
    at weblogic.socket.JSSEFilterImpl.handleUnwrapResults(JSSEFilterImpl.java:539)
    at weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:456)
    at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:80)
    at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
    at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59)
    at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390)
    at weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:78)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
    at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:186)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:400)
    at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
    at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:1005)

In Weblogic's console I have the following setting set to true: Environment > Servers > [my server] > SSL > Advanced > Use JSSE SSL

If I disable that property I get the following stack trace:

javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
    at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
    at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:186)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:400)
    at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
    at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:1005)

The server I try to access has a verified certificate and browsers don't complain about it.

Thanks

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Eventually it worked by setting these in the Weblogic arguments:

-DUseSunHttpHandler=true 
-Dssl.SocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl 
-Dssl.ServerSocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl

As per these posts: https://stackoverflow.com/a/7276163 and https://community.oracle.com/thread/2523332


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...