从 Linux JMX 客户端连接到 Weblogic 10.3 t3s 协议的安全问题
当我尝试从 Linux 连接 Weblogic Server(安装在 Windows 上)t3s 协议时,它显示此错误:
Not enough cryptography available to enable a cipher suite!
java.lang.IllegalStateException: Not enough cryptography available to enable a cipher suite!
at com.certicom.tls.interfaceimpl.TLSSystem.resetCipherSuiteSupport(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.setCertificateSupport(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.<init>(Unknown Source)
at com.certicom.net.ssl.SSLContext.<init>(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at weblogic.security.utils.SSLSetup.getSSLDelegateInstance(SSLSetup.java:132)
at weblogic.security.utils.SSLContextWrapper.<init>(SSLContextWrapper.java:46)
at weblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java:41)
at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:313)
at weblogic.security.SSL.SSLClientInfo.getSSLSocketFactory(SSLClientInfo.java:101)
at weblogic.socket.ChannelSSLSocketFactory.getSocketFactory(ChannelSSLSocketFactory.java:126)
at weblogic.socket.ChannelSSLSocketFactory.createSocket(ChannelSSLSocketFactory.java:76)
at weblogic.socket.AbstractMuxableSocket.createSocket(AbstractMuxableSocket.java:223)
at weblogic.rjvm.t3.MuxableSocketT3.newSocketWithRetry(MuxableSocketT3.java:206)
at weblogic.rjvm.t3.MuxableSocketT3.connect(MuxableSocketT3.java:375)
at weblogic.rjvm.t3.ConnectionFactoryT3S.createConnection(ConnectionFactoryT3S.java:34)
at weblogic.rjvm.ConnectionManager.createConnection(ConnectionManager.java:1773)
at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1416)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:437)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:315)
at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:251)
at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:194)
at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:225)
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:188)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:153)
at weblogic.jndi.WLInitialContextFactoryDelegate$1.run(WLInitialContextFactoryDelegate.java:344)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:339)
at weblogic.jndi.Environment.getContext(Environment.java:315)
at weblogic.jndi.Environment.getContext(Environment.java:285)
at weblogic.jndi.Environment.createInitialContext(Environment.java:208)
at weblogic.jndi.Environment.getInitialContext(Environment.java:192)
at weblogic.jndi.Environment.getInitialContext(Environment.java:170)
at com.itrsgroup.jmx.diagnostics.WebLogicDiagnostics.dumpInformation(WebLogicDiagnostics.java:115)
at com.itrsgroup.jmx.diagnostics.WebLogicDiagnostics.process(WebLogicDiagnostics.java:56)
at com.itrsgroup.jmx.diagnostics.Diagnostics.dumpSpecificUsage(Diagnostics.java:31)
at com.itrsgroup.jmx.diagnostics.Diagnostics.main(Diagnostics.java:18)
at com.itrsgroup.launchpad.Diagnostics.main(Diagnostics.java:9)
虽然之前已提出此问题 - Solaris JMS 客户端连接到 Weblogic 11g t3s 安全问题 - 我已经尝试过答案,设置wlserver_10.3/server/lib/wlfullclient.jar、wlcipher.jar 和 webserviceclient+ssl.jar 在 CLASSPATH 中,它没有帮助。
也不提供 -Dweblogic.security.TrustKeyStore=CustomTrust -Dweblogic.security.CustomTrustKeyStoreType=JKS -Dweblogic.security.CustomTrustKeyStoreFileName=mykeystore 作为命令中的选项:java -jar jarfile.jar。
我们将不胜感激您的帮助! (很抱歉,我是 stackoverflow 的新手,不确定是否可以将我的问题添加到原始问题链接中)。
更新:
我发现 java/Weblogic 没有考虑我的任何环境变量,例如 CLASSPATH 和 WEBLOGIC_HOME。为了指定 jar,当我将所有 jar 从 weblogic 文件夹复制到当前文件夹时,它可以工作(至少在 Linux 上)。当然,仅 wlfullclient.jar、wlcipher.jar 和 webserviceclient+ssl.jar 不足以连接到 WebLogic。
对于 WEBLOGIC_HOME,如果我在 java -jar 命令上将其指定为 -Dweblogic.home="Path\to\WeblogicHome",则它可以工作。
知道吗,我应该如何让 java/Weblogic 考虑我设置的环境变量?
When I try to connect Weblogic Server (installed on Windows) t3s protocol from Linux, it shows this error:
Not enough cryptography available to enable a cipher suite!
java.lang.IllegalStateException: Not enough cryptography available to enable a cipher suite!
at com.certicom.tls.interfaceimpl.TLSSystem.resetCipherSuiteSupport(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.setCertificateSupport(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSSystem.<init>(Unknown Source)
at com.certicom.net.ssl.SSLContext.<init>(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at weblogic.security.utils.SSLSetup.getSSLDelegateInstance(SSLSetup.java:132)
at weblogic.security.utils.SSLContextWrapper.<init>(SSLContextWrapper.java:46)
at weblogic.security.utils.SSLContextWrapper.getInstance(SSLContextWrapper.java:41)
at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:313)
at weblogic.security.SSL.SSLClientInfo.getSSLSocketFactory(SSLClientInfo.java:101)
at weblogic.socket.ChannelSSLSocketFactory.getSocketFactory(ChannelSSLSocketFactory.java:126)
at weblogic.socket.ChannelSSLSocketFactory.createSocket(ChannelSSLSocketFactory.java:76)
at weblogic.socket.AbstractMuxableSocket.createSocket(AbstractMuxableSocket.java:223)
at weblogic.rjvm.t3.MuxableSocketT3.newSocketWithRetry(MuxableSocketT3.java:206)
at weblogic.rjvm.t3.MuxableSocketT3.connect(MuxableSocketT3.java:375)
at weblogic.rjvm.t3.ConnectionFactoryT3S.createConnection(ConnectionFactoryT3S.java:34)
at weblogic.rjvm.ConnectionManager.createConnection(ConnectionManager.java:1773)
at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1416)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:437)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:315)
at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:251)
at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:194)
at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:225)
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:188)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:153)
at weblogic.jndi.WLInitialContextFactoryDelegate$1.run(WLInitialContextFactoryDelegate.java:344)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:339)
at weblogic.jndi.Environment.getContext(Environment.java:315)
at weblogic.jndi.Environment.getContext(Environment.java:285)
at weblogic.jndi.Environment.createInitialContext(Environment.java:208)
at weblogic.jndi.Environment.getInitialContext(Environment.java:192)
at weblogic.jndi.Environment.getInitialContext(Environment.java:170)
at com.itrsgroup.jmx.diagnostics.WebLogicDiagnostics.dumpInformation(WebLogicDiagnostics.java:115)
at com.itrsgroup.jmx.diagnostics.WebLogicDiagnostics.process(WebLogicDiagnostics.java:56)
at com.itrsgroup.jmx.diagnostics.Diagnostics.dumpSpecificUsage(Diagnostics.java:31)
at com.itrsgroup.jmx.diagnostics.Diagnostics.main(Diagnostics.java:18)
at com.itrsgroup.launchpad.Diagnostics.main(Diagnostics.java:9)
Although this question had been asked before - Solaris JMS Client connect to Weblogic 11g t3s security problem - I have tried the answers, setting wlserver_10.3/server/lib/wlfullclient.jar, wlcipher.jar and webserviceclient+ssl.jar in CLASSPATH, it does not help.
Nor does providing -Dweblogic.security.TrustKeyStore=CustomTrust -Dweblogic.security.CustomTrustKeyStoreType=JKS -Dweblogic.security.CustomTrustKeyStoreFileName=mykeystore as options in command: java -jar jarfile.jar.
Your help will be appreciated! (I am sorry I am new to stackoverflow and not sure if I could have added my problem to original problem link).
UPDATE:
I figured out that java/Weblogic is not considering any of my environment variables such as CLASSPATH and WEBLOGIC_HOME. For specifying the jars, when I copy all the jars from weblogic folder to my current folder, its works (atleast on Linux). And definitely, only wlfullclient.jar, wlcipher.jar and webserviceclient+ssl.jar are not sufficient for connecting to WebLogic.
For WEBLOGIC_HOME, if I specify this as -Dweblogic.home="Path\to\WeblogicHome" on the java -jar command, it works.
Any idea, how should I make java/Weblogic consider the environment variables that I set?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论