1 Reply Latest reply: Feb 10, 2011 4:48 AM by Faisal Khan RSS

    weblogic.security.CipherException: Incorrect block length 256 (modulus

    Mohammed Rayan-Oracle
      Hi,

      I have a stand alone java client which runs in the weblogic 8.1 server and when I tried to connect to the external site using the weblogic's HttpsURLConnection ,its throws the below exception.



      weblogic.security.CipherException: Incorrect block length 256 (modulus length 128)
      -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

      <Info> <Security> <BEA-090511> <The following exception has occurred:

      weblogic.security.CipherException: Incorrect encrypted block
           at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:205)
           at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
           at weblogic.security.X509.verifySignature(X509.java:246)
           at weblogic.security.X509.verify(X509.java:176)
           at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:133)
           at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
           at weblogic.security.SSL.Handshake.input(Handshake.java:121)
           at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
           at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
           at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
           at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
           at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
           at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
           at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
           at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
           at weblogic.net.http.HttpClient.New(HttpClient.java:228)
           at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
           at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:217)
           at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:319)
           at HttpsConnect.main(HttpsConnect.java:13)


      <Info> <SSL> <000000> <weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate>
      java.io.IOException: weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate
      at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:172)
      at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
      at weblogic.security.SSL.Handshake.input(Handshake.java:121)
      at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
      at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
      at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
      at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
      at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
      at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
      at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
      at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
      at weblogic.net.http.HttpClient.New(HttpClient.java:228)
      at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
      at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:359)
      at HttpsConnect.main(HttpsConnect.java:13)



      I verified the certifiate chain by using the weblogic's ValidateCertChain utility, and the output seems to be confusing for the intermediate site and the entity site.
      java utils.ValidateCertChain -pem inter.cer
      Cert[0]: CN=VeriSign Class 3 International Server CA - G3,OU=Terms of use at https://www.verisign.com/r
      pa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US
      Certificate chain is incomplete, can't confirm the entire chain is valid
      Certificate chain appears valid



      Any pointers will be appreciated.