Problem Summary
---------------------------------------------------
B2B documents failed due to TransportException:SSL handshake
Message Transmission Transport Exception
Transport Error Code is OTA-HTTP-SEND-1000
StackTrace oracle.tip.transport.TransportException: [IPT_HttpSendError] HTTP encounters send error :.
at oracle.tip.transport.TransportException.create(TransportException.java:91)
at oracle.tip.transport.basic.HTTPSender.createTransportResponse(HTTPSender.java:848)
at oracle.tip.transport.basic.HTTPSender.send(HTTPSender.java:637)
at oracle.tip.transport.b2b.B2BTransport.send(B2BTransport.java:312)
at oracle.tip.adapter.b2b.transport.TransportInterface.send(TransportInterface.java:1069)
at oracle.tip.adapter.b2b.msgproc.Request.requestRetry(Request.java:3027)
at oracle.tip.adapter.b2b.engine.Engine.messageRetry(Engine.java:2856)
at oracle.tip.adapter.b2b.engine.Engine.handleTimeoutEvent(Engine.java:2730)
at oracle.tip.adapter.b2b.engine.Engine.processEvents(Engine.java:2485)
at oracle.tip.adapter.b2b.data.MsgListener.onMessage(MsgListener.java:530)
at oracle.tip.adapter.b2b.data.MsgListener.run(MsgListener.java:376)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.io.IOException: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
at oracle.security.ssl.OracleSSLSocketImpl.startHandshake(Unknown Source)
at HTTPClient.OracleSSL.getSSLSocket(OracleSSL.java:255)
at HTTPClient.OracleSSL.getSSLSocket(OracleSSL.java:263)
at HTTPClient.HTTPConnection.getSSLSocket(HTTPConnection.java:4220)
at HTTPClient.HTTPConnection.doConnect(HTTPConnection.java:4038)
at HTTPClient.HTTPConnection.sendRequest(HTTPConnection.java:3003)
at HTTPClient.HTTPConnection.handleRequest(HTTPConnection.java:2843)
at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:769)
at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:196)
at oracle.tip.transpo
============================================
Solution ==>
Below logs shows this is for an issue with the certificates being used.
Caused by: java.io.IOException: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
this is a http handshake error, and the root cause is: incomplete certificate chain.
Please follow below technical note in B2B 10g dealing with Security configuration:
B2B-TN026: OHS Setup, HTTPs, FTPs, Signing, Encryption & sFTP
http://www.oracle.com/technetwork/testcontent/b2b-tn-026-security-133755.pdf
Please setup carefully the OHS/HTTPS as per that document.
Second, Please make sure that certificate being used (in a wallet, in a keystore, or as a standalone X509 certificate) it must contain the whole certificate chain which means:
Certificate Authority (CA) pulic key, any Intermediate Certificate Authority public key, and certificate.
Remember, a CA releases a certificate for us, but when the CA provides us the certificate, it also provides us its public key (CA public key)+ any intermediate CA public key (if this is the case).
So, as a second action plan would be as below :
-> make sure that you imported in the SSL wallet the full chain for certificates
-> make sure that you imported in the SSL wallet the full chain for partner certificates
-> make sure that the certificate configured in B2B for host TP contain the full chain of certificates
-> make sure that the certificate configured in B2B for remote TP contain the full chain of certificates
No comments:
Post a Comment