Thursday, March 1, 2012

WebLogic 10.3.5 SSL Handshake

As a function of the SSL handshake, WebLogic Server compares the common name in the SubjectDN in the SSL server’s digital certificate with the host name of the SSL server used to initiate the SSL connection. If these names do not match, the SSL connection is dropped. The SSL client is the actual party that drops the SSL connection if the names do not match.

The following Java Program can be run from the  $MW_HOME/common/bin directory to see if the SSL handshake is happening. Also, before running the Java Code, the commEnv.sh need to be run to setup the Java environment.
import java.net.*;
import java.io.*;

public class SSLTest {

    public SSLTest() {
        super();
    }

    public static void main(String[] args) throws Exception {
        
        URL verisign = new URL("https://someserver.net:999/someservice?wsdl");
        System.out.println("Opening URL: " + verisign.toString());

        BufferedReader in =
            new BufferedReader(new InputStreamReader(verisign.openStream()));

        String inputLine;
        while ((inputLine = in.readLine()) != null)
            System.out.println(inputLine);

        in.close();
    }
}


Before running the Java Code, the following environment variables need to be set.
-Djavax.net.ssl.trustStorePassword=trustPassword 

-Dssl.debug=true 

-Dweblogic.StdoutDebugEnabled=true 

-Djavax.net.debug=ssl,handshake,verbose 

-Djavax.net.ssl.trustStore=C:\OSB\Middleware\wlserver_10.3\server\lib\mindtelligent-trust.jks 
-Djavax.net.ssl.keyStore=C:\OSB\Middleware\wlserver_10.3\server\lib\mindtelligent-identity.jks  


-Djavax.net.ssl.keyStorePassword=IdentityPassword

No comments:

Post a Comment

SOA Cloud 12c GIT Repository

When a project is created, you can choose to initialize the project with one project Git repository for the project. A Maven repository is a...