Re: [Dev] ESB Connector - SSLHandshakeException
Hi, ESB should trust the server you are trying to connect to in order to create a SSH handshake. In order to trust it, the public certificate of the server should be added to ESB. You can use keytool to add the certificate to client-trustore. Please find a guide on [1] which shows how to add a CA to ESB trust store. [1] http://udaraliyanage.wordpress.com/2014/06/16/add-a-ca-certificate-to-wso2-truststore/ On Wed, Sep 3, 2014 at 1:36 PM, Jay wrote: > Hi Naasheer, > > Import particular certificate in to > \repository\resources\security\client-truststore.jks keystore. > > Regards, > Janaka > > > > -- > View this message in context: > http://wso2-oxygen-tank.10903.n7.nabble.com/ESB-Connector-SSLHandshakeException-tp102207p102211.html > Sent from the WSO2 Development mailing list archive at Nabble.com. > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Udara Liyanage Software Engineer WSO2, Inc.: http://wso2.com lean. enterprise. middleware web: http://udaraliyanage.wordpress.com phone: +94 71 443 6897 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] ESB Connector - SSLHandshakeException
Hi Naasheer, Import particular certificate in to \repository\resources\security\client-truststore.jks keystore. Regards, Janaka -- View this message in context: http://wso2-oxygen-tank.10903.n7.nabble.com/ESB-Connector-SSLHandshakeException-tp102207p102211.html Sent from the WSO2 Development mailing list archive at Nabble.com. ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] ESB Connector - SSLHandshakeException
Hi Naasheer, I hope this will be useful http://www.webapper.com/blog/index.php/2007/02/09/troubleshooting-javaxnetsslsslhandshakeexception/ try this keytool -export -alias wso2carbon -keystore ESB_HOME/repository/resources/security/wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem keytool -import -alias wso2crbon -file wso2carbon.pem -keystore JAVA_HOME/jre/lib/security/cacerts On Wed, Sep 3, 2014 at 1:13 PM, Naasheera Ali wrote: > When we invoke our services into proxy we got this error: > > [2014-09-03 11:24:57,617] ERROR - TargetHandler I/O error: General > SSLEngine problem > javax.net.ssl.SSLHandshakeException: General SSLEngine problem > at > com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1015) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:485) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1108) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1080) > at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:452) > at > org.apache.http.nio.reactor.ssl.SSLIOSession.doWrap(SSLIOSession.java:220) > at > org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:254) > at > org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:380) > at > org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118) > at > org.apache.http.impl.nio.reactor.BaseIOReactor.validate(BaseIOReactor.java:220) > at > org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:284) > at > org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106) > at > org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604) > at java.lang.Thread.run(Thread.java:662) > Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1508) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:243) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:533) > at java.security.AccessController.doPrivileged(Native Method) > at > com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Handshaker.java:952) > at > org.apache.http.nio.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:238) > at > org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:270) > ... 7 more > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) > at sun.security.validator.Validator.validate(Validator.java:218) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188) > ... 14 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) > at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) > ... 20 more > [2014-09-03 11:24:57,621] WARN - EndpointContext Endpoint : > AnonymousEndpoint will be marked SUSPENDED as it failed > [2014-09-03 11:24:57,621] WARN - EndpointContext Suspending endpoint : > AnonymousEndpoint - last suspend duration was : 3ms and current suspend > duration is : 3ms - Next retry after : Wed Sep 03 11:25:27 IST 2014 > > > Naasheer Ali > Associate Software Engineer > WSO2 Inc. > > Mob: +94 754284288 > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks & Best Regards, Tharindu Edirisinghe Software Engineer *WSO2 Inc* *email : tharin...@wso2.com * *
[Dev] ESB Connector - SSLHandshakeException
When we invoke our services into proxy we got this error: [2014-09-03 11:24:57,617] ERROR - TargetHandler I/O error: General SSLEngine problem javax.net.ssl.SSLHandshakeException: General SSLEngine problem at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1015) at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:485) at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1108) at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1080) at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:452) at org.apache.http.nio.reactor.ssl.SSLIOSession.doWrap(SSLIOSession.java:220) at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:254) at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:380) at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118) at org.apache.http.impl.nio.reactor.BaseIOReactor.validate(BaseIOReactor.java:220) at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:284) at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106) at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604) at java.lang.Thread.run(Thread.java:662) Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1508) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:243) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:533) at java.security.AccessController.doPrivileged(Native Method) at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Handshaker.java:952) at org.apache.http.nio.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:238) at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:270) ... 7 more Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) at sun.security.validator.Validator.validate(Validator.java:218) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188) ... 14 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ... 20 more [2014-09-03 11:24:57,621] WARN - EndpointContext Endpoint : AnonymousEndpoint will be marked SUSPENDED as it failed [2014-09-03 11:24:57,621] WARN - EndpointContext Suspending endpoint : AnonymousEndpoint - last suspend duration was : 3ms and current suspend duration is : 3ms - Next retry after : Wed Sep 03 11:25:27 IST 2014 Naasheer Ali Associate Software Engineer WSO2 Inc. Mob: +94 754284288 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev