...
When using the SeaLights test listener as a javaagent in WebSphere, it fails to connect to our server with the exception Cannot find the specified class ClassNotFoundException for com.ibm.websphere.ssl.protocol.SSLSocketFactory
| Code Block | ||
|---|---|---|
| ||
[SEALIGHTS] (... <Certificate chain received from hostname - xxx.xxx.xxx.xxx --> app.sealights.co failed hostname verification check. Certificate contained *.sealights.co but check expected app.sealights.co>) Error: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory at javax.net.ssl.DefaultSSLSocketFactory.a(SSLSocketFactory.java:10) ... |
Cause
This is a known issue with WebSphere when SSL is enabled and using a JDK from the WebSphere Application Server (see references below).
When the IBM WebSphere Application Server starts up it sets the security property to the WebSphere default of com.ibm.websphere.ssl.protocol.SSLSocketFactory. Unfortunately the class com.ibm.websphere.ssl.protocol.SSLSocketFactory is but this class is not visible to the Java agent, thus the ClassNotFoundException is raised when trying to open a secured connection to Sealights' servers.
...
Another solution is to set WebSphere SSL configuration to use the IBM JSSE implementation with by defining the content of sl.java.security file as below
| Code Block |
|---|
ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl |
...