Versions Compared

Version Old Version 4 New Version Current
Changes made by

Marc Amouyal

Marc Amouyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

When using the SeaLights test listener as a javaagent in WebSphere, it fails to connect to our server with the exception "Cannot find the specified class ClassNotFoundException for com.ibm.websphere.ssl.protocol.SSLSocketFactory"

...

Code Block
languagetext
[SEALIGHTS] (...
<Certificate chain received from hostname - xxx.xxx.xxx.xxx --> app.sealights.co failed hostname verification check. Certificate contained *.sealights.co but check expected app.sealights.co>

Solution

...

) Error: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
	at javax.net.ssl.DefaultSSLSocketFactory.a(SSLSocketFactory.java:10)
	...

Cause

This is a known issue with WebSphere when SSL is enabled and using a JDK from the WebSphere Application Server . See https://www.ibm.com/support/knowledgecenter/en/was_beta_liberty/com(see references below).

When the IBM WebSphere Application Server starts up it sets the security property to the WebSphere default of com.ibm.websphere.wlpssl.nd.multiplatform.doc/ae/rwlp_trouble.html#rwlp_trouble__ssl01 for more details.
Therefore you should create protocol.SSLSocketFactory but this class is not visible to the Java agent, thus the ClassNotFoundException is raised when trying to open a secured connection to Sealights' servers.

Solution

This issue can be resolved by creating a file called sl.java.security with the following content

sl.java.security
Code Block
title
ssl.SocketFactory.provider=
ssl.ServerSocketFactory.provider=

And then add the following parameter to the JVM args arguments of webSphere WebSphere alongside out our javaagent: 

Code Block
-Djava.security.properties=fullPathTo/sl.java.security

Another solution is to set WebSphere SSL configuration to use the IBM JSSE implementation by defining the content of sl.java.security file as below

Code Block
ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl 
ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl

References

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@1422e
showSpacefalse
sortmodified
typepage
reversetrue

...

labels

...

Weblogic Java Certificate
cqllabel in ( "java" , "certificate" , "weblogic" ) and type = "page" and space = "SUP"

...


Page Properties
hiddentrue


Related issues