1 Reply Latest reply on May 26, 2008 1:37 AM by Mohammad Kargar

    Problem using ssl from JBoss 4.2.2

    Christopher Ljungblad Newbie

      Hi,

      Since we upgraded from JBoss AS 4.0.5 to JBoss AS 4.2.2 we ran into problems using ssl sockets to connect to a remote service. This works fine with JBoss 4.0.5 but we got the following exception when using 4.2.2:

      ---------------------------------------
      16:01:13,281 ERROR [ExceptionFilter] handling uncaught exception
      javax.servlet.ServletException: Servlet execution threw an exception
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:313)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
      at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73)
      at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:44)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
      at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
      at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
      at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
      at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
      at java.lang.Thread.run(Thread.java:595)
      Caused by: java.lang.AbstractMethodError: com.verifyeasy.protocol.DTJSSESSLProtocolSocketFactory.createSocket(Ljava/lang/String;ILjava/net/InetAddress;ILorg/apache/commons/httpclient/params/HttpConnectionParams;)Ljava/net/Socket;
      at org.apache.commons.httpclient.HttpConnection.open(Unknown Source)
      at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source)
      at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source)
      at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
      at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
      at com.verifyeasy.protocol.HTTPClient.execute(HTTPClient.java:359)
      at com.verifyeasy.protocol.HTTPClient.post(HTTPClient.java:310)
      at com.verifyeasy.protocol.HTTPClient.post(HTTPClient.java:270)
      at com.verifyeasy.server.VEServer.doConnectRaw(VEServer.java:1335)
      at com.verifyeasy.server.VEServer.doConnect(VEServer.java:1351)
      at com.verifyeasy.server.VEServer.askIf3DSEnrolled(VEServer.java:585)
      at servlets.se.eavtal.egreement.ThreeDSServerPaymentServlet.performAuthenticationEnrollmentQuery(ThreeDSServerPaymentServlet.java:110)
      at servlets.se.eavtal.egreement.ThreeDSServerPaymentServlet.service(ThreeDSServerPaymentServlet.java:69)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      ... 37 more
      ---------------------------------------

      Any ideas why this occur?

      Regards
      JS

        • 1. Re: Problem using ssl from JBoss 4.2.2
          Mohammad Kargar Newbie

          After upgrading to 4.2.2 we got the exception below which complains about SSL certificate. The same code/configuration work fine with 4.0.4. What I found is that replacing the commons-httpclient.jar under server/xxx/lib with the old one (bundled with 4.0.4) will fix the problem!!

          Caused by: org.apache.commons.vfs.FileSystemException: Could not connect to HTTP server on "localhost".
          at org.apache.commons.vfs.provider.http.HttpClientFactory.createConnection(HttpClientFactory.java:105)
          at org.apache.commons.vfs.provider.http.HttpFileProvider.doCreateFileSystem(HttpFileProvider.java:81)
          at org.apache.commons.vfs.provider.AbstractOriginatingFileProvider.findFile(AbstractOriginatingFileProvider.java:81)
          at org.apache.commons.vfs.provider.AbstractOriginatingFileProvider.findFile(AbstractOriginatingFileProvider.java:62)
          at org.apache.commons.vfs.impl.DefaultFileSystemManager.resolveFile(DefaultFileSystemManager.java:641)
          at org.apache.commons.vfs.impl.DefaultFileSystemManager.resolveFile(DefaultFileSystemManager.java:602)
          at org.apache.commons.vfs.impl.DefaultFileSystemManager.resolveFile(DefaultFileSystemManager.java:593)
          at mondrian.rolap.RolapSchema.load(RolapSchema.java:286)
          ... 44 more
          Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
          at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
          at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
          at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
          at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
          at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
          at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
          at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
          at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
          at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
          at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
          at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(Unknown Source)
          at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(Unknown Source)
          at org.apache.commons.httpclient.HttpMethodBase.writeRequest(Unknown Source)
          at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source)
          at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source)
          at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source)
          at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
          at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
          at org.apache.commons.vfs.provider.http.HttpClientFactory.createConnection(HttpClientFactory.java:101)
          ... 51 more
          Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
          at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
          at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
          at sun.security.validator.Validator.validate(Validator.java:203)
          at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
          at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
          at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
          ... 69 more
          Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
          at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
          at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
          at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
          ... 74 more