0

I am using rad with websphere version 8.0.0.9 and i get the error 

[7/5/2018 12:27:46:973 EEST] 0000002d webapp        E com.ibm.ws.webcontainer.webapp.WebApp logServletError SRVE0293E: [Servlet Error]-[gr.mess.web.servlets.LoginServlet]: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at com.ibm.jsse2.o.a(o.java:32)
    at com.ibm.jsse2.o.a(o.java:3)
    at com.ibm.jsse2.SSLSocketImpl.b(SSLSocketImpl.java:817)
    at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:500)
    at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:645)
    at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:138)
    at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:268)
    at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:165)
    at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:27)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1043)
    at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.java:62)
    at gr.mess.web.servlets.LoginServlet.routeeAuthenticate(LoginServlet.java:131)
    at gr.mess.web.servlets.LoginServlet.doPost(LoginServlet.java:100)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1230)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:779)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:478)
    at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:178)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:136)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:79)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:960)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1064)
    at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:87)
    at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:914)
    at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1662)
    at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:200)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:453)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:515)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:306)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:277)
    at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
    at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
    at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
    at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
    at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
    at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
    at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
    at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:816)
    at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1702)

I am trying to connect to https://www.routee.net/ sms api. Two months ago i tried it and it was succesfull but now that i try i cannot seem to connect.I am tried many things like using bouncy castle providers with their jars (for jdk 1.6) ,adding local_policy.jar and US_export_policy.jar . I also tried to changed the security settings from websphere secure admin changing the ssl settings about ssl tsl versions but nothing seems to work for me.I also tried to receive certificate from port but the same ssl handshake error occures.I tried to receive certificate for other urls but this time i was succesfull(e.g www.google.com ) . What would be the case here?Something with the jdk 1.6 , the specific url? Any suggestions?

Here is the connection code example i found which worked two months ago

 private String routeeAuthenticate() throws MalformedURLException, IOException {
         /*  Base64.Encoder encoder = Base64.getEncoder();*/

    /*   String toEncode = "Encoding and Decoding in Base64 Test";*/
        //Encoding in b64
        /* routeeAppId.getBytes()*/
    /*  System.out.println(encoded);
        //Decoding in b64
        byte[] decodeResult = new BASE64Decoder().decodeBuffer(encoded);
        System.out.println(new String(decodeResult));*/

           String authString = routeeAppId + ":" + routeeAppSecret;
           String token = new BASE64Encoder().encode(authString.getBytes());
           //String token = encoder.encodeToString(authString.getBytes());
           String accessToken = "";
           URL url = new URL("https://auth.routee.net/oauth/token");
           HttpURLConnection connection = (HttpURLConnection) url.openConnection();
           connection.setRequestMethod("POST");
           connection.setRequestProperty("Authorization", "Basic " + token);
           connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
           connection.setDoOutput(true);
           DataOutputStream wr = new DataOutputStream (connection.getOutputStream());
           wr.writeBytes("grant_type=client_credentials");
           wr.close();
           BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
           String inputLine;
           StringBuffer response = new StringBuffer();
           while ((inputLine = in.readLine()) != null) {
               response.append(inputLine);
           }
           in.close();
           try {
               JSONParser parser = new JSONParser();
               JSONObject jsonObject = (JSONObject)parser.parse(response.toString());
               accessToken = (String) jsonObject.get("access_token");
               System.out.println("AccessToken======"+accessToken+"!!!");
           } catch (Exception e) {
               e.printStackTrace();
           }
           return accessToken;
        }
UnitTest404
  • 29
  • 2
  • 9

1 Answers1

3

The URL you are going to seem to require TLSv1.2 and the ECC ciphers. Can you enable Webphere to use either SSL_TLSv2 or TLSv1.2. To make WebSphere use the ECC ciphers with the HIGH security level you need to set the security property com.ibm.websphere.ssl.include.ECCiphers to true.

You can find information on it in the knowledge center here: https://www.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_seccustomprop.html

or in Stackoverflow here: https://developer.ibm.com/answers/questions/303331/how-can-i-enable-elliptical-curve-cryptography-ecc/

Alaine
  • 419
  • 2
  • 5
  • Although ssllabs test seems to indicate it can still to 1.0 and 1.1. Or at least one of its IPs can, I didn't check them all. https://www.ssllabs.com/ssltest/analyze.html?d=www.routee.net&s=104.27.143.7. – dbreaux May 07 '18 at 13:50
  • I followed the two steps you gave to me and then i bypassed my problem.The ciphers where these time available and i only needed to extract the certificate files from the url(all 4 of them) and add them to trust store.Thank you very much! – UnitTest404 May 08 '18 at 06:04