Sunday, March 22, 2015

Invocation of https/SSL service is not working from OSB

Invocation of https/SSL service is not working from OSB

We were trying to install the wildcard certificate to enable the communication from OSB to end system, but the following exception was displayed in the log file and also the communication to the end system is failing even though the certificate installation was successful;

<Jan 23, 2015 10:45:05 PM PST> <Notice> <Security> <localhost> <AdminServer> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <bac54c313ca42523:46f5522b:14b61066510:-7ffd-000000000008b798> <1423456801909> <BEA-090898> <Ignoring the trusted CA certificate "CN=*.sample.com,O=Sample,L=Sample,ST=Sample,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.> 
After analysis, we found that JSSE flag should be enabled along with Custom Host Name Verification (weblogic.security.utils.SSLWLSWildcardHostnameVerifier) to support wildcard certificate.

ssl_config

 After enabling the JSSE flag, none of the https communication from OSB is working but https communication from BPEL is working fine even with the wildcard certificate(BPEL and OSB is running in the same server).

The following exception is thrown while invoking the https service from OSB.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>
BEA-380000: General runtime error: java.lang.NullPointerException
</faultstring>
<detail>
<con:fault xmlns:con="http://www.bea.com/wli/sb/context">
<con:errorCode>BEA-380000</con:errorCode>
<con:reason>
General runtime error: java.lang.NullPointerException
</con:reason>
<con:location>
<con:node>RouteToSFDC_SearchService_BS</con:node>
<con:path>request-pipeline</con:path>
</con:location>
</con:fault>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>

This is the internal OSB server issue; the cause of the issue is that the AsyncResponseHandler does not properly register JSSEFilter for JSSE SSL.
The Weblogic patch 11866509 based on the Weblogic server version (this issues is identified in Weblogic server version 10.3.4 and 10.3.5) should be installed to resolve the issue.

No comments:

Post a Comment