joanne delara 3 Posted March 9, 2023 Share Posted March 9, 2023 They are using TLS v1.2 and ciphers used for the SSL connection exist in the Tibco server. Any other configuration either on the Weblogic or Tibco side that needs to be updated for the connection to work?Thank you. Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted March 10, 2023 Share Posted March 10, 2023 Any errors on WebLogic side or TIBCO EMS side? Link to comment Share on other sites More sharing options...
joanne delara 3 Posted March 10, 2023 Author Share Posted March 10, 2023 Here is the error we're seeing on the Weblogic side:java.lang.ExceptionInInitializerError.java.lang.ExceptionInInitializerError at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:195) at com.tibco.security.ssl.SSLFactory.init(SSLFactory.java:67) at com.tibco.security.ssl.SSLFactory.getInstance(SSLFactory.java:87) at com.tibco.tibjms.TibjmsxLinkSSL._initSSL(TibjmsxLinkSSL.java:302)......Caused By: java.lang.RuntimeException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext) at com.tibco.security.ssl.B.D.super(CipherFilter.java:45) at com.tibco.security.providers.SSLFactory_jsse.<clinit>(SSLFactory_jsse.java:74) Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted March 13, 2023 Share Posted March 13, 2023 It looks like WebLogic is still using EMS client library v8.3 (v8.4 and above don't use TIBCrypt). This shouldn't be a problem though. Also, the error is encountered before the TLS handshake is initiated. Did something else change on WebLogic side? Link to comment Share on other sites More sharing options...
joanne delara 3 Posted March 14, 2023 Author Share Posted March 14, 2023 Hi Kurian,Thanks for your reply. I don't believe there are any other changes in the Weblogic side.If the error is occurring before the TLS handshake, what could be the cause of the issue?What usually takes place before the TLS handshake when a client is connecting to Tibco? Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted March 14, 2023 Share Posted March 14, 2023 The exception is thrown from Java library. Did you post the entire exception stack trace? Since the EMS client version did not change, I suspect something changed in the WebLogic environment or it is some misconfiguration. One suggestion that I have is to remove EMS v8.3 library JAR files from WebLogic classpath and keep only v8.5 library JAR files. I suspect it will fail with a similar exception but exception stack trace might provide more information. Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted March 18, 2023 Share Posted March 18, 2023 "java.security.NoSuchAlgorithmException: Error constructing implementation"This could be caused by a misconfigured keystore or truststore so check that too. Link to comment Share on other sites More sharing options...
joanne delara 3 Posted March 20, 2023 Author Share Posted March 20, 2023 We removed all references to the EMS 8.3 library and kept only the 8.5 JAR files. Now seeing the following errors in Weblogic logs:java.lang.UnsupportedClassVersionError: com/tibco/tibjms/naming/TibjmsInitialContextFactory : Unsupported major.minor version 52.0. Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted March 20, 2023 Share Posted March 20, 2023 Is the WebLogic environment using JRE version 1.7? If yes, using EMS 8.5 library JAR files might not be an option. Does the keystore/truststore configuration look fine? Link to comment Share on other sites More sharing options...
joanne delara 3 Posted March 20, 2023 Author Share Posted March 20, 2023 Thanks Kurian. Yes, the Weblogic environment is using Java 1.7. Is it ok if we use Tibco 8.3 libraries on the Weblogic server? Do you know if Weblogic 10 is compatible with EMS 8.5.1? Link to comment Share on other sites More sharing options...
joanne delara 3 Posted April 13, 2023 Author Share Posted April 13, 2023 Hi Kurian,Configured a WL 14c (WebLogic Server Version: 14.1.1.0.0) environment and Java 1.8 (Java Version:1.8.0_291) but still unable to establish connectivity. Seeing the following errors in the WL logs. <ExecuteThread: '1' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <cd4797ab-e33e-4ed8-9f35-4d0fd8c99a34-00000029> <1681335261841> <[severity-value: 128] [rid: 0] > <BEA-000000> <Exception processing peer certificates: peer not authenticatedjavax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:574) at weblogic.servlet.provider.WlsSecurityProvider.getSSLAttributes(WlsSecurityProvider.java:284)We're not seeing any connection attempts in the Tibco server logs. The keystore and truststore looks good. We can see the tibco certificate imported along with the Root and Intermediate CA.In the jndi.properties of Weblogic, the ssl_enable_verify_host is set to False.thanks for your help. Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted April 13, 2023 Share Posted April 13, 2023 The exception is from WebLogic code. I am not familiar with WebLogic but it looks like WebLogic is trying to access certificates from a session. Does it mean that the a connection has been established? Do you have SSL handshake debug logs from WebLogic side? Link to comment Share on other sites More sharing options...
joanne delara 3 Posted April 17, 2023 Author Share Posted April 17, 2023 It seems the 'peer not authenticated' exceptions are benign messages per Oracle/Weblogic support. They show up in the logs when SSL debug in Weblogic is enabled and not related to the Tibco connectivity issue.It's puzzling we're not seeing any other exceptions and it seems WL is not even attempting the SSL handshake.Just to make sure we're not missing anything, these are the steps we did in the WL server to connect to Tibco EMS.Copy the Tibco 8.5 client libraries to the WL lib directory.Add the path to the libraries to the WL setDomainenvCreate a Foreign JMS serverRestart WLDo you know if we are missing any step? Link to comment Share on other sites More sharing options...
Kurian Kuruvilla Posted April 20, 2023 Share Posted April 20, 2023 I am not familiar with WebLogic. See if the article at the following location helps. https://support.tibco.com/s/article/Tibco-KnowledgeArticle-Article-28957 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now