0 Replies Latest reply: May 7, 2013 11:26 AM by 691476 RSS

    Unable to use SSL

    691476
      Hi. This is Weblogic 11g web application. Single node, accessing from IE 8 on the same machine. My app or the WL console give the same result.

      works: http://localhost:7001/console

      fails: https://localhost:7002/console

      (result: Internet Explorere cannot display the webpage)

      I've tried various IE settings. Currently have Use SSL 3.0 and Use TLS 1.0 checked.

      Turned on SSL debugging. I don't see a place to upload a file, so I'll paste in snippets of the output.

      I've found some similar logs by searching, but so far the recommendation didn't help, or I wasn't sure how to follow it.

      Any suggestions would be welcome.

      Thanks
      Art

      Listen Address          :7002 (SSL)
      Public Address          N/A
      Http Enabled          true
      Tunneling Enabled     false
      Outbound Enabled     false
      Admin Traffic Enabled     true>

      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073747> <BEA-000000> <SSLContextManager: initializing SSL context for channel DefaultSecure>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073747> <BEA-000000> <Use Certicom SSL with Domestic strength>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073747> <BEA-000000> <Empty CA List is enabled :false>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073763> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073763> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073763> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073763> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073763> <BEA-000000> <........... Eating Exception ..........
      java.security.NoSuchAlgorithmException: ECDSA Signature not available
           at java.security.Signature.getInstance(Signature.java:193)
           at com.certicom.tls.provider.Signature.getInstance(Unknown Source)
           at com.certicom.tls.ciphersuite.CipherSuiteSupport.checkCryptography(Unknown Source)
           at com.certicom.tls.ciphersuite.CipherSuiteSupport.reset(Unknown Source)
           at com.certicom.tls.interfaceimpl.TLSSystem.<clinit>(Unknown Source)
           at com.certicom.net.ssl.SSLContext.<init>(Unknown Source)
           at com.bea.sslplus.CerticomSSLContext.<init>(Unknown Source)
           at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
           at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
           at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
           at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
           at java.lang.Class.newInstance0(Class.java:355)
           at java.lang.Class.newInstance(Class.java:308)
           at weblogic.security.utils.SSLSetup.getSSLDelegateInstance(SSLSetup.java:165)
           at weblogic.security.utils.SSLContextWrapper.<init>(SSLContextWrapper.java:59)
           at weblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java:54)
           at weblogic.security.utils.SSLContextManager.createServerSSLContext(SSLContextManager.java:432)
           at weblogic.security.utils.SSLContextManager.getChannelSSLContext(SSLContextManager.java:402)
           at weblogic.security.utils.SSLContextManager.getSSLServerSocketFactory(SSLContextManager.java:94)
           at weblogic.server.channels.DynamicSSLListenThread.<init>(DynamicSSLListenThread.java:59)
           at weblogic.server.channels.DynamicListenThreadManager.createListener(DynamicListenThreadManager.java:289)
           at weblogic.server.channels.DynamicListenThreadManager.start(DynamicListenThreadManager.java:129)
           at weblogic.t3.srvr.ListenerService.bindListeners(ListenerService.java:45)
           at weblogic.t3.srvr.EnableListenersHelper.start(EnableListenersHelper.java:47)
           at weblogic.t3.srvr.EnableListenersService.start(EnableListenersService.java:19)
           at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
      >
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073810> <BEA-000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.6 for algorithm DiffieHellman>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073810> <BEA-000000> <Will use default KeyAgreement for algorithm DiffieHellman>
      ####<May 6, 2013 4:34:33 PM CDT> <Debug> <SecuritySSL> <USITGARDNAL1CW7> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1367876073810> <BEA-000000> <........... Eating Exception ..........
      java.security.NoSuchAlgorithmException: Algorithm ECDH not available
           at javax.crypto.KeyAgreement.getInstance(DashoA13*..)
           at com.certicom.tls.provider.KeyAgreement.getInstance(Unknown Source)
           at com.certicom.tls.ciphersuite.CipherSuiteSupport.checkCryptography(Unknown Source)
           at com.certicom.tls.ciphersuite.CipherSuiteSupport.reset(Unknown Source)
           at com.certicom.tls.interfaceimpl.TLSSystem.<clinit>(Unknown Source)
           at com.certicom.net.ssl.SSLContext.<init>(Unknown Source)
           at com.bea.sslplus.CerticomSSLContext.<init>(Unknown Source)
           at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
           at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
           at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
           at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
           at java.lang.Class.newInstance0(Class.java:355)
           at java.lang.Class.newInstance(Class.java:308)
           at weblogic.security.utils.SSLSetup.getSSLDelegateInstance(SSLSetup.java:165)
           at weblogic.security.utils.SSLContextWrapper.<init>(SSLContextWrapper.java:59)
           at weblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java:54)
           at weblogic.security.utils.SSLContextManager.createServerSSLContext(SSLContextManager.java:432)
           at weblogic.security.utils.SSLContextManager.getChannelSSLContext(SSLContextManager.java:402)
           at weblogic.security.utils.SSLContextManager.getSSLServerSocketFactory(SSLContextManager.java:94)
           at weblogic.server.channels.DynamicSSLListenThread.<init>(DynamicSSLListenThread.java:59)
           at weblogic.server.channels.DynamicListenThreadManager.createListener(DynamicListenThreadManager.java:289)
           at weblogic.server.channels.DynamicListenThreadManager.start(DynamicListenThreadManager.java:129)
           at weblogic.t3.srvr.ListenerService.bindListeners(ListenerService.java:45)
           at weblogic.t3.srvr.EnableListenersHelper.start(EnableListenersHelper.java:47)
           at weblogic.t3.srvr.EnableListenersService.start(EnableListenersService.java:19)
           at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
      >