Discussion:
Tomcat 8 and Oracle Wallets
Christophe Vanlancker
2018-11-15 12:24:10 UTC
Permalink
Hello,

I'm having an issue with setting up SSL encrypted connections to an Oracle database.

I looked up on many websites and places and got the impression that either people abandon setting up the encryption or implemented the connection in code rather than through the jndi context in Tomcat itself.

Tomcat 8.5.34
JDK 1.8.0_171
RedHat 7.4 (Selinux permissive)
OracleDB 12.2.0.1.0

I've written a simple Java application which just connects to the database using TCPS and makes a simple query.
This works.

java -D oracle.net.tns_admin ="./oracle_wallets/" -D oracle.net.wallet_location ="(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY=./oracle_wallets)))" -cp ./: ./lib/ ojdbc8.jar :./lib/ oraclepki.jar DataSourceSample

I'm using the official ojdbc8.jar from Oracle appropriate for the version of Java and the Oracle database.

Because Oracle Wallets is an invention of Oracle itself, I added the appropriate security provider in java.security: security.provider.4=oracle.security.pki.OraclePKIProvider ( loaded before com.sun.net.ssl.internal.ssl.Provider ) so it gets loaded before the default PKCS implementation in Java.

cwallet.sso cwallet.sso.lck ewallet.p12 ewallet.p12.lck sqlnet.ora tnsnames.ora are all placed inside the ./oracle_wallets.

As said before, the little Java app that I wrote is able to open the wallets and connect to the database:

AArray = [***@6328d34a
AArray = [***@145eaa29
AArray = [***@15bb6bea
....
Driver Name: Oracle JDBC driver
Driver Version: 12.2.0.1.0
Default Row Prefetch Value is: 20
Database Username is: MY_USER
....
82062920015 SomeResults1
87093009324 SomeResults2
74031825702 SomeResults3
....


I translated this to Tomcat in the following way:

I placed the ojdbc8.jar and oraclepki.jar in the libs folder of Catalina.

I added the Java options in bin/setenv.sh:

export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.tns_admin=<full path>/oracle_wallets/"
export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.wallet_location='(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY= <full path> /oracle_wallets)))'"

The entries in the context.xml file look like this:

<Resource name="jdbc/dominoDataSource"
auth="Container"
type="javax.sql.DataSource"
username="MY_USER"
password="*************"
url="jdbc:oracle:thin:@MY_DATABASE"
driverClassName="oracle.jdbc.OracleDriver"
timeBetweenEvictionRunsMillis="120000"
testOnBorrow="True"
logAbandoned="True"
removeAbandonedTimeout="3600"
maxIdle="20"
initialSize="32"
removeAbandonedOnBorrow="True"
maxTotal="256"
validationQuery="select 1 from dual"
removeAbandonedOnMaintenance="True"
maxWaitMillis="300000"
/>

I can confirm that the rights on the filesystem for the wallets are permissive enough for Tomcat to read them.
Tomcat is able to connect to the database.

But for some reason it's as if it's unable to read the wallets.


Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:523)
at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:521)
at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:660)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:286)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
... 68 more
Caused by: oracle.net.ns.NetException: Unable to initialize ssl context.
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:564)
at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:143)
at oracle.net.nt.ConnOption.connect(ConnOption.java:161)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:470)
... 73 more
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)
... 76 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)
... 77 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 78 more

I tried checking if it was maybe linked to the application by removing it, but the same result.

Would be nice if anyone has tried this similarly with or without succes.


Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu
Christophe Vanlancker
2018-11-16 11:03:08 UTC
Permalink
I ran a strace on the Tomcat process, and see that Tomcat actually IS able to see and read the wallets.



[pid 21880] open("< full path to wallets>/oracle_wallets/cwallet.sso", O_RDONLY) = 362


So I think this means that the problem lies somewhere between Tomcat and the OJDBC driver.


Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu


From: "Christophe Vanlancker" <***@inuits.eu>
To: "users" <***@tomcat.apache.org>
Sent: Thursday, 15 November, 2018 13:24:10
Subject: Tomcat 8 and Oracle Wallets

Hello,

I'm having an issue with setting up SSL encrypted connections to an Oracle database.

I looked up on many websites and places and got the impression that either people abandon setting up the encryption or implemented the connection in code rather than through the jndi context in Tomcat itself.

Tomcat 8.5.34
JDK 1.8.0_171
RedHat 7.4 (Selinux permissive)
OracleDB 12.2.0.1.0

I've written a simple Java application which just connects to the database using TCPS and makes a simple query.
This works.

java -D oracle.net.tns_admin ="./oracle_wallets/" -D oracle.net.wallet_location ="(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY=./oracle_wallets)))" -cp ./: ./lib/ ojdbc8.jar :./lib/ oraclepki.jar DataSourceSample

I'm using the official ojdbc8.jar from Oracle appropriate for the version of Java and the Oracle database.

Because Oracle Wallets is an invention of Oracle itself, I added the appropriate security provider in java.security: security.provider.4=oracle.security.pki.OraclePKIProvider ( loaded before com.sun.net.ssl.internal.ssl.Provider ) so it gets loaded before the default PKCS implementation in Java.

cwallet.sso cwallet.sso.lck ewallet.p12 ewallet.p12.lck sqlnet.ora tnsnames.ora are all placed inside the ./oracle_wallets.

As said before, the little Java app that I wrote is able to open the wallets and connect to the database:

AArray = [***@6328d34a
AArray = [***@145eaa29
AArray = [***@15bb6bea
....
Driver Name: Oracle JDBC driver
Driver Version: 12.2.0.1.0
Default Row Prefetch Value is: 20
Database Username is: MY_USER
....
82062920015 SomeResults1
87093009324 SomeResults2
74031825702 SomeResults3
....


I translated this to Tomcat in the following way:

I placed the ojdbc8.jar and oraclepki.jar in the libs folder of Catalina.

I added the Java options in bin/setenv.sh:

export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.tns_admin=<full path>/oracle_wallets/"
export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.wallet_location='(SOURCE=(METHOD=FILE) (METHOD_DATA = (DIRECTORY= <full path> /oracle_wallets)))'"

The entries in the context.xml file look like this:

<Resource name="jdbc/dominoDataSource"
auth="Container"
type="javax.sql.DataSource"
username="MY_USER"
password="*************"
url="jdbc:oracle:thin:@MY_DATABASE"
driverClassName="oracle.jdbc.OracleDriver"
timeBetweenEvictionRunsMillis="120000"
testOnBorrow="True"
logAbandoned="True"
removeAbandonedTimeout="3600"
maxIdle="20"
initialSize="32"
removeAbandonedOnBorrow="True"
maxTotal="256"
validationQuery="select 1 from dual"
removeAbandonedOnMaintenance="True"
maxWaitMillis="300000"
/>

I can confirm that the rights on the filesystem for the wallets are permissive enough for Tomcat to read them.
Tomcat is able to connect to the database.

But for some reason it's as if it's unable to read the wallets.


Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:523)
at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:521)
at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:660)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:286)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
... 68 more
Caused by: oracle.net.ns.NetException: Unable to initialize ssl context.
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:564)
at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:143)
at oracle.net.nt.ConnOption.connect(ConnOption.java:161)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:470)
... 73 more
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)
at oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)
... 76 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)
... 77 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 78 more

I tried checking if it was maybe linked to the application by removing it, but the same result.

Would be nice if anyone has tried this similarly with or without succes.


Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu
Luis Rodríguez Fernández
2018-11-16 14:04:23 UTC
Permalink
Hello Christophe,

Very interesting, thanks!

Would it be possible in your scenario to export the certificates from the
wallet and import them to a different keystore (PCKS12 or JKS)? You can
have a look at [1]

Hope it helps,

Luis

[1]
https://blogs.oracle.com/dev2dev/ssl-connection-to-oracle-db-using-jdbc,-tlsv12,-jks-or-oracle-wallets






El vie., 16 nov. 2018 a las 12:03, Christophe Vanlancker (<
Post by Christophe Vanlancker
I ran a strace on the Tomcat process, and see that Tomcat actually IS able
to see and read the wallets.
[pid 21880] open("< full path to wallets>/oracle_wallets/cwallet.sso", O_RDONLY) = 362
So I think this means that the problem lies somewhere between Tomcat and the OJDBC driver.
Regards,
Christophe
--
--
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu
Sent: Thursday, 15 November, 2018 13:24:10
Subject: Tomcat 8 and Oracle Wallets
Hello,
I'm having an issue with setting up SSL encrypted connections to an Oracle database.
I looked up on many websites and places and got the impression that either
people abandon setting up the encryption or implemented the connection in
code rather than through the jndi context in Tomcat itself.
Tomcat 8.5.34
JDK 1.8.0_171
RedHat 7.4 (Selinux permissive)
OracleDB 12.2.0.1.0
I've written a simple Java application which just connects to the database
using TCPS and makes a simple query.
This works.
java -D oracle.net.tns_admin ="./oracle_wallets/" -D
oracle.net.wallet_location ="(SOURCE=(METHOD=FILE) (METHOD_DATA =
(DIRECTORY=./oracle_wallets)))" -cp ./: ./lib/ ojdbc8.jar :./lib/
oraclepki.jar DataSourceSample
I'm using the official ojdbc8.jar from Oracle appropriate for the version
of Java and the Oracle database.
Because Oracle Wallets is an invention of Oracle itself, I added the
security.provider.4=oracle.security.pki.OraclePKIProvider ( loaded before
com.sun.net.ssl.internal.ssl.Provider ) so it gets loaded before the
default PKCS implementation in Java.
cwallet.sso cwallet.sso.lck ewallet.p12 ewallet.p12.lck sqlnet.ora
tnsnames.ora are all placed inside the ./oracle_wallets.
As said before, the little Java app that I wrote is able to open the
....
Driver Name: Oracle JDBC driver
Driver Version: 12.2.0.1.0
Default Row Prefetch Value is: 20
Database Username is: MY_USER
....
82062920015 SomeResults1
87093009324 SomeResults2
74031825702 SomeResults3
....
I placed the ojdbc8.jar and oraclepki.jar in the libs folder of Catalina.
export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.tns_admin=<full path>/oracle_wallets/"
export CATALINA_OPTS="$CATALINA_OPTS
-Doracle.net.wallet_location='(SOURCE=(METHOD=FILE) (METHOD_DATA =
(DIRECTORY= <full path> /oracle_wallets)))'"
<Resource name="jdbc/dominoDataSource"
auth="Container"
type="javax.sql.DataSource"
username="MY_USER"
password="*************"
driverClassName="oracle.jdbc.OracleDriver"
timeBetweenEvictionRunsMillis="120000"
testOnBorrow="True"
logAbandoned="True"
removeAbandonedTimeout="3600"
maxIdle="20"
initialSize="32"
removeAbandonedOnBorrow="True"
maxTotal="256"
validationQuery="select 1 from dual"
removeAbandonedOnMaintenance="True"
maxWaitMillis="300000"
/>
I can confirm that the rights on the filesystem for the wallets are
permissive enough for Tomcat to read them.
Tomcat is able to connect to the database.
But for some reason it's as if it's unable to read the wallets.
Caused by: oracle.net.ns.NetException: The Network Adapter could not
establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:523)
at
oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:521)
at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:660)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:286)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
... 68 more
Caused by: oracle.net.ns.NetException: Unable to initialize ssl context.
at
oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:564)
at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:143)
at oracle.net.nt.ConnOption.connect(ConnOption.java:161)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:470)
... 73 more
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at
oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)
at
oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)
... 76 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at
oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)
... 77 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 78 more
I tried checking if it was maybe linked to the application by removing it,
but the same result.
Would be nice if anyone has tried this similarly with or without succes.
Regards,
Christophe
--
--
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."

- Samuel Beckett
Christophe Vanlancker
2018-11-19 13:24:38 UTC
Permalink
Hi Luis,

Thank you very much for the hint. I wasn't able to export the Oracle Wallets due to not knowing the password the DBA put on it.
However, I was able to obtain the original JKS from which the Oracle Wallets were created from.

I removed all edits I made in setenvs.sh and worked purely with the context.xml:

1. Add the following jar files in lib/ of Tomcat:
ojdbcx.jar (x = relevante major versie van Java, vbl: 8)
2. In ./jre/lib/security/java.security add the following: security.provider.10=oracle.security.pki.OraclePKIProvider
3. In context.xml:
- url="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCPS)(HOST=<IP/DNS of the database server>)(PORT=2484)))(CONNECT_DATA=(SERVICE_NAME=< SERVICE NAME >)))"
- connectionProperties="javax.net.ssl.trustStore=./keystores/oracle_keystore/mykeystore.jks;javax.net.ssl.trustStorePassword=changeme;javax.net.ssl.trustStoreType=JKS;javax.net.ssl.keyStore=./keystores/oracle_keystore/mykeystore.jks;javax.net.ssl.keyStorePassword=changeme;javax.net.ssl.keyStoreType=JKS;"

Now it works!

Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu

----- Original Message -----
From: "Luis Rodríguez Fernández" <***@gmail.com>
To: "users" <***@tomcat.apache.org>
Sent: Friday, 16 November, 2018 15:04:23
Subject: Re: Tomcat 8 and Oracle Wallets

Hello Christophe,

Very interesting, thanks!

Would it be possible in your scenario to export the certificates from the
wallet and import them to a different keystore (PCKS12 or JKS)? You can
have a look at [1]

Hope it helps,

Luis

[1]
https://blogs.oracle.com/dev2dev/ssl-connection-to-oracle-db-using-jdbc,-tlsv12,-jks-or-oracle-wallets






El vie., 16 nov. 2018 a las 12:03, Christophe Vanlancker (<
***@inuits.eu>) escribió:



I ran a strace on the Tomcat process, and see that Tomcat actually IS able
to see and read the wallets.



[pid 21880] open("< full path to wallets>/oracle_wallets/cwallet.sso",
O_RDONLY) = 362


So I think this means that the problem lies somewhere between Tomcat and
the OJDBC driver.


Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu


From: "Christophe Vanlancker" <***@inuits.eu>
To: "users" <***@tomcat.apache.org>
Sent: Thursday, 15 November, 2018 13:24:10
Subject: Tomcat 8 and Oracle Wallets

Hello,

I'm having an issue with setting up SSL encrypted connections to an Oracle
database.

I looked up on many websites and places and got the impression that either
people abandon setting up the encryption or implemented the connection in
code rather than through the jndi context in Tomcat itself.

Tomcat 8.5.34
JDK 1.8.0_171
RedHat 7.4 (Selinux permissive)
OracleDB 12.2.0.1.0

I've written a simple Java application which just connects to the database
using TCPS and makes a simple query.
This works.

java -D oracle.net.tns_admin ="./oracle_wallets/" -D
oracle.net.wallet_location ="(SOURCE=(METHOD=FILE) (METHOD_DATA =
(DIRECTORY=./oracle_wallets)))" -cp ./: ./lib/ ojdbc8.jar :./lib/
oraclepki.jar DataSourceSample

I'm using the official ojdbc8.jar from Oracle appropriate for the version
of Java and the Oracle database.

Because Oracle Wallets is an invention of Oracle itself, I added the
appropriate security provider in java.security:
security.provider.4=oracle.security.pki.OraclePKIProvider ( loaded before
com.sun.net.ssl.internal.ssl.Provider ) so it gets loaded before the
default PKCS implementation in Java.

cwallet.sso cwallet.sso.lck ewallet.p12 ewallet.p12.lck sqlnet.ora
tnsnames.ora are all placed inside the ./oracle_wallets.

As said before, the little Java app that I wrote is able to open the
wallets and connect to the database:

AArray = [***@6328d34a
AArray = [***@145eaa29
AArray = [***@15bb6bea
....
Driver Name: Oracle JDBC driver
Driver Version: 12.2.0.1.0
Default Row Prefetch Value is: 20
Database Username is: MY_USER
....
82062920015 SomeResults1
87093009324 SomeResults2
74031825702 SomeResults3
....


I translated this to Tomcat in the following way:

I placed the ojdbc8.jar and oraclepki.jar in the libs folder of Catalina.

I added the Java options in bin/setenv.sh:

export CATALINA_OPTS="$CATALINA_OPTS -Doracle.net.tns_admin=<full
path>/oracle_wallets/"
export CATALINA_OPTS="$CATALINA_OPTS
-Doracle.net.wallet_location='(SOURCE=(METHOD=FILE) (METHOD_DATA =
(DIRECTORY= <full path> /oracle_wallets)))'"

The entries in the context.xml file look like this:

<Resource name="jdbc/dominoDataSource"
auth="Container"
type="javax.sql.DataSource"
username="MY_USER"
password="*************"
url="jdbc:oracle:thin:@MY_DATABASE"
driverClassName="oracle.jdbc.OracleDriver"
timeBetweenEvictionRunsMillis="120000"
testOnBorrow="True"
logAbandoned="True"
removeAbandonedTimeout="3600"
maxIdle="20"
initialSize="32"
removeAbandonedOnBorrow="True"
maxTotal="256"
validationQuery="select 1 from dual"
removeAbandonedOnMaintenance="True"
maxWaitMillis="300000"
/>

I can confirm that the rights on the filesystem for the wallets are
permissive enough for Tomcat to read them.
Tomcat is able to connect to the database.

But for some reason it's as if it's unable to read the wallets.


Caused by: oracle.net.ns.NetException: The Network Adapter could not
establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:523)
at
oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:521)

at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:660)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:286)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1438)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:518)
... 68 more
Caused by: oracle.net.ns.NetException: Unable to initialize ssl context.
at
oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:564)

at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:143)
at oracle.net.nt.ConnOption.connect(ConnOption.java:161)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:470)
... 73 more
Caused by: oracle.net.ns.NetException: Unable to initialize the key store.
at
oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:642)

at
oracle.net.nt.CustomSSLSocketFactory.getSSLSocketEngine(CustomSSLSocketFactory.java:547)

... 76 more
Caused by: java.security.KeyStoreException: SSO not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at
oracle.net.nt.CustomSSLSocketFactory.getKeyManagerArray(CustomSSLSocketFactory.java:628)

... 77 more
Caused by: java.security.NoSuchAlgorithmException: SSO KeyStore not
available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 78 more

I tried checking if it was maybe linked to the application by removing it,
but the same result.

Would be nice if anyone has tried this similarly with or without succes.


Regards,
Christophe
--
--
Christophe Vanlancker <***@inuits.eu>
+32 (494) 232277 | Linux & Open-Source consultant - Inuits.eu
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."

- Samuel Beckett


---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Loading...