I am having a problem when performing a service request in my OSB domain (Weblogic 10.3.6.0). I get the following SSL error:
####<Nov 30, 2020 12:23:09 PM CET> <Debug> <SecuritySSL> < <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>>
<> <f9b85e75fb72f832:1390a2e1:1759de16345:-7fff-0000000000157332> <1606735389344> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Thre
ads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred during SSLEngine.unwrap(ByteBuffer,ByteBuffer[]).
javax.net.ssl.SSLException: Received fatal alert: unexpected_message
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
at weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java:134)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:732)
at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:511)
at weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:454)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:82)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:66)
at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:61)
at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:396)
at weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:89)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at java.io.FilterOutputStream.flush(Unknown Source)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:191)
at weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:296)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.setRequestPayload(HttpOutboundMessageContext.java:351)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOutboundMessageContext.java:398)
at com.bea.wli.sb.transports.http.wls.HttpTransportProvider.sendMessageAsync(HttpTransportProvider.java:211)
at sun.reflect.GeneratedMethodAccessor556.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.bea.wli.sb.transports.Util$1.invoke(Util.java:83)
at com.sun.proxy.$Proxy146.sendMessageAsync(Unknown Source)
at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageAsync(LoadBalanceFailoverListener.java:148)
at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageToServiceAsync(LoadBalanceFailoverListener.java:510)
at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageToService(LoadBalanceFailoverListener.java:445)
at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageToService(TransportManagerImpl.java:582)
at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageAsync(TransportManagerImpl.java:449)
at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:416)
at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:91)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:149)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:147)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:486)
at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(Unknown Source)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
I have a different domain created with weblogic 12.2.1.4 and imported the same certificate and it works fine.
Does anyone have a idea of why is this happening?
Cheers
Invoke your java class on client side with below options:
java -Dweblogic.ssl.SSLv2HelloEnabled=false -Djdk.tls.client.protocols="TLSv1.2" JAVA_CLASS_NAME
Disable the unwanted protocols in jdk. This has to be done on both sides client and server-side java
Modify $JAVA_HOME/jre/lib/security/java.security, add the following to disabled algorithms.
jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1
Add -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2 in in setDomainEnv.sh file
Restart the server.