Hi we have a problem with our WAS 7.5 production environment, we are getting the following error with an application that had implemented google recaptcha:
javax.net.ssl.SSLException: SSLSocketFactory is null. This can occur if javax.net.ssl.SSLSocketFactory.getDefault() is called to create a socket and javax.net.ssl.* properties are not set.
We have the following code:
System.setProperty("javax.net.ssl.keyStoreType","jks");
System.setProperty("javax.net.ssl.trustStoreType","jks");
System.setProperty("javax.net.ssl.keyStore","/jks/ClientKeyStore.jks");
System.setProperty("javax.net.ssl.trustStore","/jks/ClientTrustStore.jks");
System.setProperty("javax.net.debug","ssl");
System.setProperty("javax.net.ssl.keyStorePassword","password$");
System.setProperty("javax.net.ssl.trustStorePassword","password$");
SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
SSLSocketFactory.getDefault();
In our certification environment everything is working fine, anyone had a similar issue ? thanks in advance.
The problem was resolved editing the java.security file of JRE, changing the following lines:
# Default JSSE socket factories
ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl
ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl
# WebSphere socket factories (in cryptosf.jar)
#ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory
#ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactory
After the app severs were restarted the recaptcha code works.
Related
I have a Java agent that connects to a payment gateway to validate a CC transaction.
Everything seems to work fine when the Java logic is run on my IBM Notes client (9.0.1FP10IF3).
I am now migrating the logic to a managed bean on my Domino server (9.0.1FP6).
Whenever the connection is made through the bean, I observe the following error on the server console...
HTTP JVM: javax.net.ssl.SSLHandshakeException: Received fatal alert:
handshake_failure
I am certain it's because the payment gateway with which I am attempting to communicate has recently upgraded to enforce mandatory TLS 1.2 communications.
However, I'm not sure how to enforce those communications on the Domino server side?
I have set the recommended NOTES.INI variables...
DISABLE_SSLV3=1
SSL_DISABLE_TLS_10=1
... and set the 'SSLCipherSpec', but nothing is working.
Here is an excerpt from the logic I'm using to test everything out.
The 'DataOutputStream' line is what triggers the error...
URL url = new URL("https://host/endpoint");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setAllowUserInteraction(false);
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setUseCaches(false);
connection.setRequestProperty("Content-type", "text/xml");
connection.setRequestProperty("Content-length", Integer.toString(postContent.length()));
DataOutputStream out = new DataOutputStream(connection.getOutputStream());
out.writeBytes(postContent);
out.flush();
out.close();
connection.disconnect();
Any advice/assistance would be most appreciated!
As Per answered, this document allowed me to resolve the issue straight away...
www-01.ibm.com/support/docview.wss?uid=swg21985289
I'm trying to publish to a MQTT topic thanks to the appropriate Apache Camel MQTT component.
So in my spring context XML I have the following:
<camel:to uri="mqtt:test?host=ssl://myhost:8883&publishTopicName=test&userName=test&password=test"/>
But I'm getting the following error at startup :
Failed to create Producer for endpoint:
Endpoint[mqtt:test?host=ssl://myhost:8883&publishTopicName=test&userName=test&password=test]. Reason: java.lang.NullPointerException
Everything is working fine when not using ssl, the following configuration (regular tcp instead of ssl) is working well :
<camel:to uri="mqtt:test?host=tcp://myhost:1883&publishTopicName=test&userName=test&password=test"/>
I've added the javax.net.ssl.trustStore JVM property pointing to my certificates store but without any effect.
Does someone already met this issue ? Is there something to specifically add in the spring DSL configuration file when using the camel mqtt component with ssl ?
EDIT :
The stacktrace of the NPE :
Caused by: java.lang.NullPointerException at
org.fusesource.hawtdispatch.transport.SslTransport.connecting(SslTransport.java:194)
at
org.fusesource.mqtt.client.CallbackConnection.createTransport(CallbackConnection.java:285)
at
org.fusesource.mqtt.client.CallbackConnection.connect(CallbackConnection.java:138)
at
org.apache.camel.component.mqtt.MQTTEndpoint.connect(MQTTEndpoint.java:305)
at
org.apache.camel.component.mqtt.MQTTProducer.doStart(MQTTProducer.java:38)
at
org.apache.camel.support.ServiceSupport.start(ServiceSupport.java:61)
at
org.apache.camel.impl.DefaultCamelContext.startService(DefaultCamelContext.java:3219)
at
org.apache.camel.impl.DefaultCamelContext.doAddService(DefaultCamelContext.java:1209)
at
org.apache.camel.impl.DefaultCamelContext.addService(DefaultCamelContext.java:1170)
at
org.apache.camel.impl.ProducerCache.doGetProducer(ProducerCache.java:442)
... 33 more
Debugging through javax.net.debug=ssl was useful.
Actually there were an issue on the java.security where the security.provider property was not set properly. That was manually changed for testing purpose related to another application.
Since, everything is working fine. Sorry for the post related to a internal specific mistake.
Alex.
I have the following code:
package ejbs;
import javax.annotation.Resource;
import javax.ejb.Singleton;
import javax.ejb.Timeout;
import javax.ejb.Timer;
import javax.ejb.TimerConfig;
import javax.ejb.TimerService;
#Singleton
public class timerbackup {
#Resource
private TimerService timerservice;
#Timeout
public void methodTimeout(Timer timer)
{
System.out.println("timeout");
}
public void settimer(long in)
{
Timer timer=timerservice.createSingleActionTimer(in,new TimerConfig());
}
}
After deploying the application appeared the error message "EJB Timer Service is not available".
To solve the problem i followed these steps:
Access the glash fish admin console (http://localhost:4848)
Go to Configurations->server-config->EJB Container
Select the tab EJB Timer Service
Then fill out Timer Datasource: with your JDBC Resource (i used "jdbc/projecto_final")
Restart the server
As suggested in Set/configure the EJB Timer Service’s DataSource.
This resulted but after sometime the TimerService stopped working. After deploying the application appears the following error messages:
Severe: Exception while loading the app
Severe: Undeployment failed for context /ProjetoEE1
Info: /file:/E:/formacaoJAVA/2moduloJEE/pratica/projecto_final /projfinal2/ProjetoEE1/build/web/WEB-INF/classes/_DEFAULT_PU logout successful
Warning: EJB Timer Service is not available. Timers for application with id 96332697224871936 will not be deleted
The Set/configure the EJB Timer Service’s DataSource also mention this problem, and present a solution in Glassfish DeploymentException: Error in linking security policy for.
The solutions presented in Glassfish DeploymentException: Error in linking security policy for consists basically in delete some files. The answer more voted suggests basically the following:
Stoped the Glassfish server
Deleted all the content from glassfishhome/glassfish/domains/ yourdomainname/generated
Started Glassfish
I have installed the "GlassFish Server 4.1.1", and this doesn´t work.
The second answer more voted suggests the basically the following:
1.All that's needed to fix this problem is delete the entire OSGi cache under $GLASSFISH_HOME/glassfish/domains//osgi-cache
This also doesn´t work.
What i can do? Any help will be very appreciate
Best regards,
Rafael Costa
I have solved the "same" problem in
deleting glassfish/domains/domain-name/generated folder completely
building application again
restarting glassfish application
In my case, I have installed a new version of my application after a Pull/Push operation with GIT and my application has stopped to work. So I know that before this new build my application worked well and that nothing has been changed on Glassfish.
I have found some explanation on another following site
https://dzone.com/articles/solving-ejb-timer-service-not-available-error-in-g-1
The Glassfish application server uses its embedded JAVADB to persist the state of its available EJB timers. Not setting the data resource for the timer service correctly prevents the EJB timers from being restored and eventually from functioning properly. In this case, normally the “EJB timer service not available” error message is returned. This problem prevents any application that uses an EJB timer service from being started or deployed.
There are two procedures available to overcome such blocking situations:
The first solution is to go to JDBC connection pools and double check the health of the Timerpool connection pool by pinging it. If the ping fails then the connection pool needs to be checked or to be redefined.
If pinging the connection pool is successful, then the problem could be the presence of the EJB timer marker file. A marker file is created whenever a problem occurs during the EJB timer service start-up or restore.
Deleting the marker will solve the problem. The marker file "ejb-timer-service-app" located under as-install-parent/glassfish/domains/domain-name/generated/ejb/. Dont forget to restart Glassfish !
Replace
import javax.ejb.Singleton;
With
import javax.inject.Singleton;
It worked for me. I'm using Derby database is it the case for you?
I solved the problem. If i remenber, i created a new JDBC resource and a new JDBC Connection Pool.
The following link explains how to create a JDBC resource and a JDBC Connection Pool.
General Steps for Creating a JDBC Resource
The JDBC resource and the JDBC Connection Pool can be created using the admin console or the asadmin utility.
The following link explains how to use the asadmin utility.Using the asadmin Utility
(I used this utility because in the admin console when i tried to create a JDBC resource and a JDBC Connection Pool appeared an error)
In the admin console, in the created JDBC Resource the field "Pool Name" should equals the name of the created JDBC Connection Pool.
After that i followed these steps:
Configurations->server-config->EJB Container
Select the tab EJB Timer Service
Fill the field Timer Datasource with the name of the JDBC resource.
Restart the server
Any question please feel free.
Best Regards Rafael Santos Costa
Hello I met the same problem if you have glassfish 4.1.1 there is probably an instability in the server with respect to timer.
Solution: update glassfish 4.1 to glassfish 5 and deploy the web application in this new server
I'm running a site and several sub domains on ColdFuson 10 Standard, we have just upgraded from ColdFusion 9 where everything was working fine.
The sites have a wildcard ssl certificate installed so all the sub domains are secured. I'm making http calls between the sites but getting the I/O Exception: peer not authenticated error.
Charset [empty string]
ErrorDetail I/O Exception: peer not authenticated
Filecontent Connection Failure
Header [empty string]
Mimetype Unable to determine MIME type of file.
Responseheader struct [empty]
Statuscode Connection Failure. Status code unavailable.
Text YES
I've installed the certificate in the correct key store and verified it's there using keytool -listand restarted, but still get the authentication error.
I know this is a common problem and is usually fixed by installing the certificate and there are workarounds for ColdFusion Enterprise but I'm struggling to get this working on Standard. Any suggestions?
After many days of investigation I came across this blog post which leads to bug report #3598342.
It turns out to be an issue on Windows 2012 servers running IIS 8. There is an option on the site binding to 'Require Server Name Indication' or 'SNI'. Turning this option off allows cfhttp to connect via https.
It turns out this is an issue with the HttpClient library and has been fixed in builds 288845, 288846 and 290605. Which doesn't really help as the last update 13 only gives me build 287689.
This could be an issue I have run across where I had to import the secure server certificate into coldfusion before it would allow me to connect.
http://helpx.adobe.com/coldfusion/kb/import-certificates-certificate-stores-coldfusion.html
Import Certificate for ColdFusion10
Hope that helps. I know it helped me!
I have been trying to follow this article on communicating with a WCF service from a mobile device (using compact framework 3.5). I have the service running on the desktop, and it tells me that it's running as:
http://localhost:1414/MyService.svc
I can see this in my client, but when I try to access it, I get this error:
There was no endpoint listening at http://localhost:1414/MyService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
So I did:
InnerException: {"No connection could be made because the target machine actively refused it"}
I am running from the emulator, which the article states did not work - I therefore suspect that I have encountered the same issue. So my question is, does anyone know why this issue may occur?
EDIT:
Just to clarify, this works fine when deployed to the device. It's just the emulator that has the problem.
EDIT:
Thanks to #Shiraz Bhaiji I have made some progress with this now, but am now getting the error returned:
CFFaultException
This seems to be the only error information I can get, and it's caused by the call:
MyServiceServiceClient client = new MyServiceServiceClient(binding, endpoint);
returnString = client.MyFunc1();
I have changed the endpoint to reference my I.P. address directly as follows (the WCF service is running on my PC at the minute):
Binding binding = MyServiceServiceClient.CreateDefaultBinding();
string remoteAddress = MyServiceServiceClient.EndpointAddress.Uri.ToString();
EndpointAddress endpoint = new EndpointAddress("http://1.1.1.1/MyService/MyService.svc");
Check Eric Schneider's answer on this link: http://social.msdn.microsoft.com/Forums/en/netfxcompact/thread/b5be4c83-40ca-423b-9068-8614779fed5f
Connect to the server using the IP address.
Try changing localhost to the actual name of your computer.