...
When the IBM WebSphere Application Server starts up it sets the security property to the WebSphere default of com.ibm.websphere.ssl.protocol.SSLSocketFactory. Unfortunately the class com.ibm.websphere.ssl.protocol.SSLSocketFactory is not visible to the Java agent thus the ClassNotFoundException is raised when trying to open a secured connection to Sealights' servers.
Solution
This issue can be resolved by creating a file called sl.java.security with the following content
| Code Block |
|---|
ssl.SocketFactory.provider= ssl.ServerSocketFactory.provider= |
And then add the following parameter to the JVM argsarguments of webSphere WebSphere alongside our javaagent:
| Code Block |
|---|
-Djava.security.properties=fullPathTo/sl.java.security |
Another solution is to provide and enforce the usage of set WebSphere SSL configuration to use the IBM JSSE implementation with the following content of sl.java.security file
...