Invoking webservice from a spring-ws client deployed in weblogic: HANDSHAKE_FAILURE

[NomadLearner]

Context: I have an application (consumer) deployed in EAR mode in weblogic server. This application invokes several external webservices (provider) in http mode. Now we need the application to invoke a new webservice in https/ssl mode.

Issue: I used following piece of code to attach the required certs to the JVM before the client invokes a webservice call.

System.setProperty("javax.net.debug", "ssl");

System.setProperty("javax.net.ssl.trustStore", "foo.jks");

System.setProperty("javax.net.ssl.trustStorePasswo rd", "pwdt");

System.setProperty("javax.net.ssl.keyStore", "soo.jks");

System.setProperty("javax.net.ssl.keyStorePassword ", "pwd");
It's working fine when the code is run from eclipse - outside of weblogic. However when I deploy the same code in weblogic, it fails with following error.

Caused by: javax.net.ssl.SSLHandshakeException: [Security:090497]HANDSHAKE_FAILURE alert received from sxgtest.nordstrom.net - 10.16.216.30. Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings.

I have verified that everything thing is same - code/certs etc in the both the cases. The only difference is it works if executed as a normal java client outside of weblogic and it fails if dexcuted from an ear deployed in weblogic.

I have very minimal idea of weblogic. Is there any setting or configuration in weblogic that needs to be turned on? If not what am I missing?

Thanks

[pilerou]

Do your trustStore and your jre cacerts have last verisign certificates ?

I had a problem with a provider since first days of july because Verisign added new certificates you have to add in your cacerts.

Since i had it in my cacerts file, it worked.