Sebastian Krupa created CXF-6777:
------------------------------------
Summary: javax.net.ssl.SSLKeyException: Hostname verification
failed on WLS 12.2.1
Key: CXF-6777
URL: https://issues.apache.org/jira/browse/CXF-6777
Project: CXF
Issue Type: Bug
Components: JAX-WS Runtime
Reporter: Sebastian Krupa
Could you help me - i have problem with Weblogic 12.2.1 when CXF 3.1.4 dynamic
client tries to invoke SSL based web services.
I have already reported it to Oracle support - but they said that it is CXF
problem not Weblogic, so here I am :) to ask you about it.
I'm putting here reported issue(number in my oracle support SR 3-11832157061),
note *2029567.1* is error that has same exception like mine by it has been
fixed(Oracle says so) in WLS 12.1.3
{panel:title=Fragments from Oracle support
page|borderStyle=dashed|borderColor=#ccc|titleBGColor=#F7D6C1|bgColor=#FFFFCE}
{color:red}We encountered a problem that is described in this note *2029567.1*
in one of our application that will be launched on WLS 12.2.1. This error ocurs
when dynamic Apache CXF client is invoked. Exception is like follows:{color}
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <weblogic user
specified trustmanager validation status 0>
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator
returns: 0>
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled
Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: No trust failure,
validateErr=0.>
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Performing
hostname validation checks: test.osb.ibis.vip>
<2015-12-07 11:55:09 CET> <Warning> <Security> <BEA-090504> <Certificate chain
received from test.osb.ibis.vip - 172.16.200.115 failed hostname verification
check. Certificate contained test.osb.ibis.vip but check expected
test.osb.ibis.vip>
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Hostname
Verification failed for certificate with CommonName 'test.osb.ibis.vip' against
hostname: test.osb.ibis.vip>
<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled
Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred
during SSLEngine.wrap(ByteBuffer,ByteBuffer).
javax.net.ssl.SSLKeyException: Hostname verification failed:
HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier,
hostname=test.osb.ibis.vip.
at
weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
{color:red}Excpetion from admin server log:{color}
==AdminServer.log===
####<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <osb.soa.nbp.pl>
<AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'> <<WLS Kernel>> <>
<ff5cebf8-01ae-4b74-9b8b-cca7261fc32a-00000014> <1449485709084>
<[severity-value: 128] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] >
<BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default (self-tuning)',5,Pooled
Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred
during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
javax.net.ssl.SSLKeyException: Hostname verification failed:
HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier,
hostname=test.osb.ibis.vip.
at
weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:748)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:611)
at
weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:515)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:98)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:77)
at weblogic.socket.JSSESocket.startHandshake(JSSESocket.java:240)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:574)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:545)
at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:230)
at
weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:685)
at
weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:41)
at org.apache.cxf.resource.URIResolver.tryFileSystem(URIResolver.java:184)
at org.apache.cxf.resource.URIResolver.resolve(URIResolver.java:120)
at
org.apache.cxf.resource.ExtendedURIResolver.resolve(ExtendedURIResolver.java:41)
at
org.apache.cxf.transport.TransportURIResolver.resolve(TransportURIResolver.java:150)
at
org.apache.cxf.wsdl11.CatalogWSDLLocator.getBaseInputSource(CatalogWSDLLocator.java:74)
at
org.apache.cxf.wsdl11.AbstractWrapperWSDLLocator.getBaseInputSource(AbstractWrapperWSDLLocator.java:57)
at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:324)
at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:315)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:238)
at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:163)
at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:74)
at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:296)
at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:241)
at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:234)
at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:189)
at
pl.nbp.view.test.RequesterBackingBean.sendRequest(RequesterBackingBean.java:129)
at pl.nbp.view.test.RequesterBackingBean.sendXML(RequesterBackingBean.java:110)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:181)
at com.sun.el.parser.AstValue.invoke(AstValue.java:289)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304)
at
com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87)
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at javax.faces.component.UICommand.broadcast(UICommand.java:315)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
{panel}
Oracle tried to make a patch but ... they retreated from it with note that is
CXF error not Weblogic - so help me please to solve this issue or - if you can
- confirm that this is not CXF bug but Weblogic.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
