Oracle, WebLogic Server March 16, 2014 0

WebLogic Server exceptions while connecting to external applications over SSL, HTTPs

WebLogic Server 10.3.5 exceptions while connecting to external applications over SSL

Exceptions examples:

java.lang.ClassCastException: weblogic.net.http.SOAPHttpsURLConnection
javax.xml.ws.WebServiceException: javax.net.ssl.SSLKeyException: 
[Security:090550] The certificate chain received from ...
contained a V3 CA certificate which indicated a certificate 
chain path length in the basic constraints that was exceeded.

This is caused by an incorrectly ordered certificate chain sent from the third party server or load balancer.

Workaround: 

Enforce WebLogic Server to use SUN SSL implementation. Add -DUseSunHttpHandler=true  to JVM arguments.

In Admin Console navigate to Home –> Summary of Servers –> <managed server name>, Configuration > “Server Start” Tab. Add –DUseSunHttpHandler=true to “Arguments” section. Restart Managed server(s).

2014-03-19_001776

Solution:

The solution to this is to contact the third party vendor and request them to reorder their certificate chain to comply with the TLS 1.2 specification.

You can also find information regarding to this issue at Oracle Support:

“Certificate chain path length exceeded” When Invoking HTTPS Webservice (Doc ID 1382106.1) 

Cheers!!