Hello Folks,
I am getting the security certification problem in a J2EE based application which is running on our production Tomcat server. The Web applications main functionality is to update user's details in Authentication Directory and reset users password, and we are getting error while resetting password. The application uses SSL communication while resetting password in AD and the rest of the things are done through non-SSL communication. NOTE: Our application is based on Struts framework JVM: j2re1.4.1_06 Tomcat: Tomcat 4.1 Windows: Windows 2000 SP4 Following are the error summary which I got after resetting user portal password. Please have a look into this. 20 Feb 2008 17:34:27,130 DEBUG : java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.port = 636 [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.security.principal = [EMAIL PROTECTED] [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : java.naming.security.principal = [EMAIL PROTECTED] [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.security.credentials = **** [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : java.naming.provider.url = ldap://10.156.34.140:636/dc=sunchem,dc=com [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.security.authentication = simple [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.host = 10.156.34.140 [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.base.dn = dc=sunchem,dc=com [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : java.naming.security.protocol = ssl [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : com.sunchemical.ldap.ads.security.protocol = ssl [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,130 DEBUG : java.naming.security.credentials = **** [com.sunchemical.ldapapi.LDAPConnection] 20 Feb 2008 17:34:27,146 ERROR : Error in invoker.execute() [com.sunchemical.ldapapi.LDAPActionInvoker] javax.naming.CommunicationException: simple bind failed: 10.156.34.140:636. Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Could not find trusted certificate at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:390) at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:334) at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:193) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2597) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:275) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:173) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:191) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java: 136) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:6 6) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243) at javax.naming.InitialContext.init(InitialContext.java:219) at javax.naming.InitialContext.<init>(InitialContext.java:195) at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:8 0) at com.sunchemical.ldapapi.LDAPConnection.createContext(Unknown Source) at com.sunchemical.ldapapi.LDAPActionInvoker.execute(Unknown Source) at com.sunchemical.admanagement.struts.controller.user.ResetUserPasswordAct ion.execute(ResetUserPasswordAction.java:61) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestPr ocessor.java:484) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java: 274) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482) at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525) at javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:247) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:193) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:256) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 80) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:191) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 80) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:241 5) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :180) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa lve.java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :172) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 80) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.i nvokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 80) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:59 4) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC onnection(Http11Protocol.java:392) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:56 5) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:619) at java.lang.Thread.run(Thread.java:536) Caused by: java.security.cert.CertificateException: Could not find trusted certificate at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Das hoA6275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Das hoA6275) ... 61 more 20 Feb 2008 17:34:27,161 ERROR : Error while resetting the user's password. Is this something JVM error, because sometime back we got the same error, and was fixed after installing the certificate on the same server. But after around 15 days it happens again. Please provide some valuable idea to get rid of this error, let me know if you need anymore details with regards to this. Thanks & Regards, Pranab Das Software Engineer | Birlasoft Ltd. | +91 (0) 9810509123 | [EMAIL PROTECTED] | www.birlasoft.com <http://www.birlasoft.com> *********************** No virus was detected in the attachment no filename No virus was detected in the attachment no filename Your mail has been scanned by InterScan. ***********-*********** ********************************************************************************************************************************************************************* "This message and any attachments are solely for the intended recipient and may contain Birlasoft confidential or privileged information. If you are not the intended recipient,any disclosure,copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail at ([EMAIL PROTECTED]) and permanently delete this message and any attachments. Thank you." *********************************************************************************************************************************************************************
