Jump to content

Client running on Weblogic 10 server is unable to connect after upgrading from Tibco EMS v8.3 to v8.5. Client also updated the Tibco client libraries to v8.5 but still unable to connect.

Recommended Posts

Here is the error we're seeing on the Weblogic side:



at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Class.java:195)

at com.tibco.security.ssl.SSLFactory.init(SSLFactory.java:67)

at com.tibco.security.ssl.SSLFactory.getInstance(SSLFactory.java:87)

at com.tibco.tibjms.TibjmsxLinkSSL._initSSL(TibjmsxLinkSSL.java:302)



Caused By: java.lang.RuntimeException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

at com.tibco.security.ssl.B.D.super(CipherFilter.java:45)

at com.tibco.security.providers.SSLFactory_jsse.<clinit>(SSLFactory_jsse.java:74)

Link to comment
Share on other sites

Hi Kurian,

Thanks for your reply. I don't believe there are any other changes in the Weblogic side.

If the error is occurring before the TLS handshake, what could be the cause of the issue?

What usually takes place before the TLS handshake when a client is connecting to Tibco?

Link to comment
Share on other sites

The exception is thrown from Java library. Did you post the entire exception stack trace? 

Since the EMS client version did not change, I suspect something changed in the WebLogic environment or it is some misconfiguration. One suggestion that I have is to remove EMS v8.3 library JAR files from WebLogic classpath and keep only v8.5 library JAR files. I suspect it will fail with a similar exception but exception stack trace might provide more information. 

Link to comment
Share on other sites

  • 4 weeks later...

Hi Kurian,

Configured a WL 14c (WebLogic Server Version: environment and Java 1.8 (Java Version:1.8.0_291) but still unable to establish connectivity. Seeing the following errors in the WL logs.

<ExecuteThread: '1' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <cd4797ab-e33e-4ed8-9f35-4d0fd8c99a34-00000029> <1681335261841> <[severity-value: 128] [rid: 0] > <BEA-000000> <Exception processing peer certificates: peer not authenticated

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

       at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:574)

       at weblogic.servlet.provider.WlsSecurityProvider.getSSLAttributes(WlsSecurityProvider.java:284)

We're not seeing any connection attempts in the Tibco server logs.

The keystore and truststore looks good. We can see the tibco certificate imported along with the Root and Intermediate CA.

In the jndi.properties of Weblogic, the ssl_enable_verify_host  is set to False.

thanks for your help.

Link to comment
Share on other sites

It seems the 'peer not authenticated' exceptions are benign messages per Oracle/Weblogic support. They show up in the logs when SSL debug in Weblogic is enabled and not related to the Tibco connectivity issue.

It's puzzling we're not seeing any other exceptions and it seems WL is not even attempting the SSL handshake.

Just to make sure we're not missing anything, these are the steps we did in the WL server to connect to Tibco EMS.

  1. Copy the Tibco 8.5 client libraries to the WL lib directory.
  2. Add the path to the libraries to the WL setDomainenv
  3. Create a Foreign JMS server
  4. Restart WL

Do you know if we are missing any step?

Link to comment
Share on other sites

  • Create New...