Hi, Can you try to create SSLContext using SSLv3 instead of TLS? I had a similar problem with mutual SSL and found out that SSLv2 and TLS have compatibility issue in some forums. SSLv3 worked for me.
Thanks, On Mon, Sep 1, 2014 at 10:21 AM, Jay <[email protected]> wrote: > Dear All, > > When Braintree connector was tested on ESB with Java SDK 1.6.0_22 all the > methods threw the following exception trace and failed. > > [2014-08-29 16:42:09,415] ERROR - CreateTransaction java.io.IOException: > subject key, java.lang.NullPointerException > com.braintreegateway.exceptions.UnexpectedException: java.io.IOException: > subject key, java.lang.NullPointerException > at com.braintreegateway.util.Http.getSSLSocketFactory(Http.java:156) > at com.braintreegateway.util.Http.httpRequest(Http.java:80) > at com.braintreegateway.util.Http.post(Http.java:60) > at > com.braintreegateway.TransactionGateway.sale(TransactionGateway.java:105) > at > > org.wso2.carbon.connector.braintree.CreateTransaction.createTransaction(CreateTransaction.java:401) > at > > org.wso2.carbon.connector.braintree.CreateTransaction.connect(CreateTransaction.java:75) > at > > org.wso2.carbon.connector.core.AbstractConnector.mediate(AbstractConnector.java:32) > at > > org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:78) > at > > org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:77) > at > > org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:47) > at > > org.apache.synapse.mediators.template.TemplateMediator.mediate(TemplateMediator.java:77) > at > > org.apache.synapse.mediators.template.InvokeMediator.mediate(InvokeMediator.java:129) > at > > org.apache.synapse.mediators.template.InvokeMediator.mediate(InvokeMediator.java:78) > at > > org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:77) > at > > org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:47) > at > > org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:131) > at > > org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:166) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) > at > > org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:344 > ) > at > > org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:385) > at > > org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183) > at > > org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) > at > > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:662) > Caused by: java.security.cert.CertificateParsingException: > java.io.IOException: subject key, java.lang.NullPointerException > > However the methods work perfectly fine when using Java SDK 1.7 and Open > JDK > 1.6 (on Linux machines). > > It was also observed that the Braintree SDK works fine with direct calls > when using all Java 6 and 7 even 5. > > The following method in the Braintree SDK is where the exception is being > thrown from. > > Class com.braintreegateway.util.Http - > > private SSLSocketFactory getSSLSocketFactory() { > try { > KeyStore keyStore = > KeyStore.getInstance(KeyStore.getDefaultType()); > keyStore.load(null); > > for (String certificateFilename : certificateFilenames) { > CertificateFactory cf = > CertificateFactory.getInstance("X.509"); > InputStream certStream = > Http.class.getClassLoader().getResourceAsStream(certificateFilename); > > Collection<? extends Certificate> coll = > cf.generateCertificates(certStream); // This is the line which throws the > Exception > for (Certificate cert : coll) { > if (cert instanceof X509Certificate) { > X509Certificate x509cert = (X509Certificate) cert; > Principal principal = x509cert.getSubjectDN(); > String subject = principal.getName(); > keyStore.setCertificateEntry(subject, cert); > } > } > } > > KeyManagerFactory kmf = > KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); > kmf.init(keyStore, null); > TrustManagerFactory tmf = > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > tmf.init(keyStore); > > SSLContext sslContext = SSLContext.getInstance("TLS"); > sslContext.init((KeyManager[]) kmf.getKeyManagers(), > tmf.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG")); > > return sslContext.getSocketFactory(); > } catch (Exception e) { > throw new UnexpectedException(e.getMessage(), e); > } > } > > The following approaches were tried to resolve the issue which apparently > proved useless. > 1. Imported the Braintree API X509 certificate into wso2carbon.jks and to > client-truststore.jks. > 2. Imported the same into cacerts (jre\lib\security\cacerts)file when > using > Java SDK 1.6. > 3. Tried installing OpenJDK 1.6 and ran the ESB using it. The connector > worked fine. > 4. Tried extracting the downloaded JCE jars to (jre\lib\security) folder. > > > Thanks, > > > > > -- > View this message in context: > http://wso2-oxygen-tank.10903.n7.nabble.com/Mutual-SSL-work-with-java-7-and-open-jdk-6-but-not-with-sun-java-6-tp102060.html > Sent from the WSO2 Development mailing list archive at Nabble.com. > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Waruna Perera Senior Software Engineer - Test Automation Mobile: +94 77 3867037 WSO2, Inc.; http://wso2.com/ lean . enterprise . middlewear.
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
