HTTPS Web service call, that works on localhost, fails on test environment with exception: javax.net.ssl.SSLException: SSLSocketFactory is null

Question

We are accesing SOAP web service via HTTPS. We have multiple environments set up, for development, testing, user acceptence, production. The main problem is, that our SSL web service call on the developement environment is working, but when we deploy it to test environment, we get

javax.net.ssl.SSLException: SSLSocketFactory is null. This can occur if javax.net.ssl.SSLSocketFactory.getDefault() is called to create a socket and javax.net.ssl.* properties are not set.

when trying to establish connection. The target web service is the same for developement and testing.

We use IBM Websphere 7.0 on both environments. It uses Java 1.6.

I've noticed, that there is a difference in system properties betwen local and test server JRE.

localhost: java.fullversion=JRE 1.6.0 IBM J9 2.4 Windows 7 x86-32 jvmwi3260sr15-20131016_170922 (JIT enabled, AOT enabled) J9VM - 20131016_170922 JIT - r9_20130920_46510ifx2 GC - GA24_Java6_SR15_20131016_1337_B170922

TestServer: java.fullversion=JRE 1.6.0 IBM J9 2.4 Windows Server 2008 amd64-64 jvmwa6460sr15-20131016_170922 (JIT enabled, AOT enabled) J9VM - 20131016_170922 JIT - r9_20130920_46510ifx2 GC - GA24_Java6_SR15_20131016_1337_B170922_CMPRSS

We are setting all the necesery system properties for SSL in the code:

String certLoc = Configuration.getString("CERT_LOCATION");

System.setProperty("javax.net.ssl.keyStore", certLoc + "\\certificate.pfx");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", certLoc + "\\TRUSTSTORE.jks");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStorePassword", "password");

If I check system properties on each environment, the values for javax.net.ssl.* are set corectly.

Did someone have similar problems? Can You please share Your solution with me?

Thank You!

Answer 1

Since you are running in a test environment (or any system remote from your development machine), make sure that your code does get the right system property values by logging them (maybe switching log levels to debug). It could be possible that the "user" running the code has a different set of system/runtime properties, or not being set at all.

If you've confirmed that your development properties are indeed defined in the context of the running code in your test environment, check that the full file path pointed to by your properties exist, and your code has read access to it (specially in *nix systems). Also, check that the value of certloc has the right separators in the environment.

For greater portability, when building string path values, consider using file.separator and path.separator that you can retrieve from System.properties, https://docs.oracle.com/javase/tutorial/essential/environment/sysprop.html.