I want the last of these lines in a standalone application to pass with no exceptions thrown:

    Properties props = new Properties();
    props.setProperty("java.naming.factory.initial",
                      "weblogic.jndi.WLInitialContextFactory");
    props.setProperty("java.naming.provider.url",
                      "t3s://localhost:9002");
    props.setProperty("java.naming.security.principal",
                      "<username>");
    props.setProperty("java.naming.security.credentials",
                      "<password>");
    Context ctx = new InitialContext(props);

...but I get this information in an exception:

    Warning Security BEA-090542 Certificate chain received from localhost - 127.0.0.1 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.

So, I created a keystore for the ca using this command:

    keytool -keystore client.jks -importcert -file cacert.pem

...and referred to it using the property weblogic.security.TrustKeyStore=client.jks

This still doesn't work, most likely because I haven't supplied a password to the keystore. What have I missed? How can I supply this password? (or, how do I create the keystore without setting a password for it?)

  • Did you set up the queue and the connection factory in the admin console? Commented Sep 25, 2009 at 21:58
  • Yes, and everything works fine using the t3 protocol, without ssl. Using t3s, I never get all the way to the jndi lookup. The exception is thrown at the ssl handshake when creating the InitialContext instance. Commented Sep 26, 2009 at 6:26

1 Answer

Almost two months later, I returned to this issue. After finding this link, I found out that this works:

    System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
    System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
    System.setProperty("weblogic.security.TrustKeyStore", "CustomTrust");
    System.setProperty("weblogic.security.CustomTrustKeyStoreFileName", "<keystorelocation>");
    System.setProperty("weblogic.security.CustomTrustKeyStorePassPhrase", "<keystorepassword>");
    System.setProperty("weblogic.security.CustomTrustKeyStoreType", "JKS");

I only got it working using system properties.
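An added example, not part of the original question or answer and not WebLogic code: a plain JSSE check that the trust store opens with the passphrase and actually holds CA certificates, which is worth confirming before pointing `CustomTrustKeyStoreFileName` at it. The class name and the command-line arguments are assumptions; `client.jks` is the file name from the question.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added example (hypothetical class name): inspects a trust store with standard JSSE only.
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        // Assumed arguments: <keystore file> <passphrase>.
        String file = args.length > 0 ? args[0] : "client.jks";
        char[] pass = args.length > 1 ? args[1].toCharArray() : null;

        // Same store type the answer sets in weblogic.security.CustomTrustKeyStoreType.
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(file))) {
            ks.load(in, pass); // a wrong passphrase surfaces here as an IOException
        }

        int anchors = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isCertificateEntry(alias)) {
                System.out.println(alias + ": not a trusted-certificate entry, skipped");
                continue;
            }
            X509Certificate c = (X509Certificate) ks.getCertificate(alias);
            c.checkValidity(); // throws if the certificate is expired or not yet valid
            // getBasicConstraints() returns -1 when the certificate is not marked as a CA.
            System.out.printf("%s: subject=%s, CA=%b, notAfter=%s%n", alias,
                    c.getSubjectX500Principal(), c.getBasicConstraints() >= 0, c.getNotAfter());
            anchors++;
        }
        if (anchors == 0) {
            throw new IllegalStateException("no trusted CA certificates in " + file);
        }

        // Build the trust manager JSSE would use and report how many issuers it accepts.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                System.out.println("accepted issuers: " + ((X509TrustManager) tm).getAcceptedIssuers().length);
            }
        }
    }
}
```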
