`
j2ee_zhongqi
  • 浏览: 209529 次
  • 性别: Icon_minigender_1
  • 来自: 深圳
社区版块
存档分类
最新评论

javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificat

阅读更多
an error occur when i log in my system through Ldap validate password on websphere 6.1.0.29.the error as following:
javax.naming.CommunicationException: simple bind failed: bluepages.ibm.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found]
Unexpected LDAP error occurred

Resolve question:
If you are experiencing problems connecting to bulepages.ibm.com websites from Websphere 6.1 only, and not from any other web servers like Tomcat, then this might be the solution to your problem.  It took me three days to figure out, and I don't want others to go through the same pain that I did.

The error message from Paypal will have a code of -12 and message:Timeout waiting for response Exceeded Reconnect attempts, check context for error, Current reconnect attempt = 4

If you turn on log debugging for Payflow API , then the java Stack Trace will contain a cause that looks like this:

javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
at com.ibm.jsse2.n.a(n.java:37)

The solution is to add the signer certificates for the paypal test and live websites to your trust store in WebSphere 6.1.

Here are the steps:

Under the Websphere admin console, on the left menu, Select Security -> SSL certificate and key management.
In the right side main window, under Related Items section, choose "Key stores and certificates".
In the new window that pops up, you should see three links:

NodeDefaultKeyStore
NodeDefaultTrustStore
NodeLTPAKeys
Click on "NodeDefaultTrustStore".
In the "NodeDefaultTrustStore" window's "Configuration" tab, under the "Additional Properties" section, click on "Signer Certificates".
In the signer certificates window, you should see three entries:

-default
-dummyclientsigner
-dummyserversigner

You should also see four buttons - Add, Delete, Extract, Retrieve from port.
Select "Retrieve from port" if you don't already have the signer certificate from the paypal website.
In order to retrieve the signer certificate for the test paypal website, these are the values to type in:
Host: bluepages.ibm.com
Port: 636
Alias: bluepages, this can be anything you want, its just a
short name for the site.

Click the button "Retrieve signer information".  This
will return the signer certificate info for the paypal test website.
Hit Apply.
You will be prompted to "Save" or "Retrieve".  Click "Save" to save
the signer certificate for the pilot Payflow web service into the trust keystore.
This will return the signer certificate info.
If you would like to see snapshots of the Websphere admin console, please visit this link that shows how to solve the same problem for the Google website at  http://www.hostmultiplesites.com/googlewebsphere.html
分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics