WebSphere - Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory

Problem

When using the SeaLights test listener as a javaagent in WebSphere, it fails to connect to our server with ClassNotFoundException for com.ibm.websphere.ssl.protocol.SSLSocketFactory

[SEALIGHTS] (...) Error: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
	at javax.net.ssl.DefaultSSLSocketFactory.a(SSLSocketFactory.java:10)
	...

Cause

This is a known issue with WebSphere when SSL is enabled and using a JDK from the WebSphere Application Server (see references below).

When the IBM WebSphere Application Server starts up it sets the security property to the WebSphere default of com.ibm.websphere.ssl.protocol.SSLSocketFactory but this class is not visible to the Java agent, thus the ClassNotFoundException is raised when trying to open a secured connection to Sealights' servers.

Solution

This issue can be resolved by creating a file called sl.java.security with the following content

ssl.SocketFactory.provider=
ssl.ServerSocketFactory.provider=

And then add the following parameter to the JVM arguments of WebSphere alongside our javaagent:

-Djava.security.properties=fullPathTo/sl.java.security

Another solution is to set WebSphere SSL configuration to use the IBM JSSE implementation by defining the content of sl.java.security file as below

References

Page:

SeaLights Java Agent - AWS Lambda Support
Page:

.Net/.NetCore - I don't know what namespace to configure
Page:

SeaLights Java agent - Command Reference
Page:

SeaLights CD Agent
Page:

SeaLights CD Agent for Java Application

Problem

Cause

Solution

References

Related articles