1 Reply Latest reply: Jul 3, 2011 7:00 AM by EJP RSS

    SSL Authentication Error While consuming HTTPS webservice

    872915
      Hi, i am calling a JAX-RPC Webservice method through HTTPS. I am Getting 403 Forbidden Error followed by a message, Your browser sent a query that could not be understood by the server.
      The following is the SSL debug Trace

      *** CertificateRequest
      Cert Types: RSA, DSS,
      Cert Authorities:
      <CN=xxxxxx, OU=xxxxxx, O=xxxxxx, L=xxxxxx, ST=xxxxxx, C=xx, EMAILADDRESS=xxxxxx>
      <CN=xxx>
      <CN=xxx, DC=testcore, DC=test, DC=dir, DC=xxx, DC=com>
      <OU=TOC, O="xxx", C=xx, ST=xx, CN=xx Certificate Authority>
      <CN=xxxxxx, OU=xxx, O=xxx, L=xxx, ST=xxx, C=xxx, EMAILADDRESS=xxx>
      <CN=xxxxxx>
      *** ServerHelloDone
      *** Certificate chain
      ***
      *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
      Random Secret: { 3, 1, 35, 197, 161, 73, 249, 145, 160, 45, 56, 58, 176, 22, 174, 98, 174, 200, 1, 114, 151, 172, 122, 33, 46, 205, 154, 235, 253, 206, 42, 24, 20, 144, 7, 214, 139, 49, 23, 150, 5, 91, 58, 16, 163, 106, 159, 7 }
      main, WRITE: TLSv1 Handshake, length = 141
      SESSION KEYGEN:
      PreMaster Secret:
      0000: 03 01 23 C5 A1 49 F9 91 A0 2D 38 3A B0 16 AE 62 ..#..I...-8:...b
      0010: AE C8 01 72 97 AC 7A 21 2E CD 9A EB FD CE 2A 18 ...r..z!......*.
      0020: 14 90 07 D6 8B 31 17 96 05 5B 3A 10 A3 6A 9F 07 .....1...[:..j..
      CONNECTION KEYGEN:
      Client Nonce:
      0000: 4E 10 18 A0 40 A3 FF 91 D1 CB 92 C4 BB 29 E8 69 N...@........).i
      0010: 27 75 0A 1C ED 87 0F 5D 44 09 27 65 F1 22 E5 2F 'u.....]D.'e."./
      Server Nonce:
      0000: 00 00 8F C1 7D 92 67 9E 8D 06 26 81 E2 78 0B 34 ......g...&..x.4
      0010: 31 C7 1D 6C B8 45 F2 AD 5A E7 2C B6 54 60 2F FD 1..l.E..Z.,.T`/.
      Master Secret:
      0000: 3C 42 EF 0E A4 36 14 B8 3E 80 43 7E ED B9 70 34 <B...6..>.C...p4
      0010: 03 69 A3 56 EF 05 98 86 8E BE D7 67 FE 1D 23 8F .i.V.......g..#.
      0020: E6 1A 18 D4 E7 FF 36 AB 61 8D 93 B8 55 E1 B0 5A ......6.a...U..Z
      Client MAC write Secret:
      0000: 87 51 EB C6 E3 57 79 55 97 E1 BE BE 17 94 C1 31 .Q...WyU.......1
      Server MAC write Secret:
      0000: 17 FD DD 05 E1 FC EC E3 F5 1D E4 25 67 E3 0F 5D ...........%g..]
      Client write key:
      0000: 37 D4 E0 F9 33 A8 E4 95 B6 C6 4F CA D1 49 DF 3E 7...3.....O..I.>
      Server write key:
      0000: 4E 4B 6E 9B 83 C3 FB 92 8D C8 9C C0 43 01 33 2C NKn.........C.3,
      ... no IV for cipher
      main, WRITE: TLSv1 Change Cipher Spec, length = 1
      *** Finished
      verify_data: { 2, 28, 187, 61, 50, 197, 78, 249, 28, 45, 76, 180 }
      ***
      main, WRITE: TLSv1 Handshake, length = 32
      main, READ: TLSv1 Change Cipher Spec, length = 1
      main, READ: TLSv1 Handshake, length = 32
      *** Finished
      verify_data: { 107, 249, 181, 226, 207, 255, 168, 247, 141, 30, 175, 222 }
      ***
      %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
      main, WRITE: TLSv1 Application Data, length = 333
      main, WRITE: TLSv1 Application Data, length = 807
      main, READ: TLSv1 Application Data, length = 181
      java.rmi.RemoteException: HTTP Status-Code 403: Forbidden; nested exception is:
      HTTP Status-Code 403: Forbidden
      at xxx.EnrolmentReportingWebServiceServantInterface_Stub.getEnrolmentChangeSetByApplication(EnrolmentReportingWebServiceServantInterface_Stub.java:169)
      at webAgent.main(webAgent.java:16)
      Caused by: HTTP Status-Code 403: Forbidden
      at com.sun.xml.rpc.client.http.HttpClientTransport.checkResponseCode(HttpClientTransport.java:355)
      at com.sun.xml.rpc.client.http.HttpClientTransport.connectForResponse(HttpClientTransport.java:288)
      at com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:109)
      at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:113)
      at xxxxxx.EnrolmentReportingWebServiceServantInterface_Stub.getEnrolmentChangeSetByApplication(EnrolmentReportingWebServiceServantInterface_Stub.java:145)
      ... 1 more

      I am stuck at this point. The Certificates provided by the Webservice team , they are saying is verified.

      Any help will be appreciated. Thanks in advance.

      Edited by: 869912 on Jul 3, 2011 12:43 AM