[
https://issues.apache.org/jira/browse/CXF-6777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15171597#comment-15171597
]
Sebastian Krupa commented on CXF-6777:
--------------------------------------
Without Weblogic - from standalone client - everything works perfectly.I've
tried to explain this to Oracle support but they aren't listening :) and this
is the reason why i've opened this "bug".
> javax.net.ssl.SSLKeyException: Hostname verification failed on WLS 12.2.1
> --------------------------------------------------------------------------
>
> Key: CXF-6777
> URL: https://issues.apache.org/jira/browse/CXF-6777
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Reporter: Sebastian Krupa
> Attachments: SR Oracle.zip
>
>
> Could you help me - i have problem with Weblogic 12.2.1 when CXF 3.1.4
> dynamic client tries to invoke SSL based web services.
> I have already reported it to Oracle support - but they said that it is CXF
> problem not Weblogic, so here I am :) to ask you about it.
> I'm putting here reported issue(number in my oracle support SR
> 3-11832157061), note *2029567.1* is error that has same exception like mine
> by it has been fixed(Oracle says so) in WLS 12.1.3
> {panel:title=Fragments from Oracle support
> page|borderStyle=dashed|borderColor=#ccc|titleBGColor=#F7D6C1|bgColor=#FFFFCE}
> {color:red}We encountered a problem that is described in this note
> *2029567.1* in one of our application that will be launched on WLS 12.2.1.
> This error ocurs when dynamic Apache CXF client is invoked. Exception is like
> follows:{color}
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <weblogic user
> specified trustmanager validation status 0>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000>
> <SSLTrustValidator returns: 0>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000>
> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter:
> SSLENGINE: No trust failure, validateErr=0.>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Performing
> hostname validation checks: test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Warning> <Security> <BEA-090504> <Certificate
> chain received from test.osb.ibis.vip - 172.16.200.115 failed hostname
> verification check. Certificate contained test.osb.ibis.vip but check
> expected test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000> <Hostname
> Verification failed for certificate with CommonName 'test.osb.ibis.vip'
> against hostname: test.osb.ibis.vip>
> <2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <BEA-000000>
> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter:
> SSLENGINE: Exception occurred during SSLEngine.wrap(ByteBuffer,ByteBuffer).
> javax.net.ssl.SSLKeyException: Hostname verification failed:
> HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier,
> hostname=test.osb.ibis.vip.
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
>
> {color:red}Excpetion from admin server log:{color}
> ==AdminServer.log===
> ####<2015-12-07 11:55:09 CET> <Debug> <SecuritySSL> <osb.soa.nbp.pl>
> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <>
> <ff5cebf8-01ae-4b74-9b8b-cca7261fc32a-00000014> <1449485709084>
> <[severity-value: 128] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] >
> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)',5,Pooled
> Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred
> during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
> javax.net.ssl.SSLKeyException: Hostname verification failed:
> HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier,
> hostname=test.osb.ibis.vip.
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine.doPostHandshake(JaSSLEngine.java:677)
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:748)
> at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
> at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:611)
> at
> weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:515)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:98)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:77)
> at weblogic.socket.JSSESocket.startHandshake(JSSESocket.java:240)
> at weblogic.net.http.HttpsClient.New(HttpsClient.java:574)
> at weblogic.net.http.HttpsClient.New(HttpsClient.java:545)
> at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:230)
> at
> weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:685)
> at
> weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:41)
> at org.apache.cxf.resource.URIResolver.tryFileSystem(URIResolver.java:184)
> at org.apache.cxf.resource.URIResolver.resolve(URIResolver.java:120)
> at
> org.apache.cxf.resource.ExtendedURIResolver.resolve(ExtendedURIResolver.java:41)
> at
> org.apache.cxf.transport.TransportURIResolver.resolve(TransportURIResolver.java:150)
> at
> org.apache.cxf.wsdl11.CatalogWSDLLocator.getBaseInputSource(CatalogWSDLLocator.java:74)
> at
> org.apache.cxf.wsdl11.AbstractWrapperWSDLLocator.getBaseInputSource(AbstractWrapperWSDLLocator.java:57)
> at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:324)
> at oracle.j2ee.ws.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:315)
> at
> org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:238)
> at
> org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:163)
> at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:74)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:296)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:241)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:234)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:189)
> at
> pl.nbp.view.test.RequesterBackingBean.sendRequest(RequesterBackingBean.java:129)
> at
> pl.nbp.view.test.RequesterBackingBean.sendXML(RequesterBackingBean.java:110)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497)
> at com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:181)
> at com.sun.el.parser.AstValue.invoke(AstValue.java:289)
> at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304)
> at
> com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
> at
> javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87)
> at
> com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
> at javax.faces.component.UICommand.broadcast(UICommand.java:315)
> at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
> at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
> at
> com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
> {panel}
> Oracle tried to make a patch but ... they retreated from it with note that is
> CXF error not Weblogic - so help me please to solve this issue or - if you
> can - confirm that this is not CXF bug but Weblogic.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
