Request Assistance::No X509TrustManager implementation available

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Sir/Madam,

 

Greetings for the day!

 

We have provided an application which invokes https URL. App server used is TOMCAT. The team who administers the application installed certificates under CACERTS. The certificate is available in a .JKS file.

 

Now the application works well for some days. After few days we get the error “No X509TrustManager implementation available”. When JVM is restarted it again works.

 

Exception captured by application is following à Error = javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available

 

Exception printed after enabling SSL debug is the following.

 

  Algorithm: [SHA256withRSA]

  Signature:

0000: 77 7C 68 19 57 39 A2 72   97 D3 73 BF 03 88 24 C4  w.h.W9.r..s...$.

0010: 96 B0 52 87 64 D0 A1 4C   C5 B5 6B 9A 41 CA 0B BE  ..R.d..L..k.A...

0020: 43 8A D5 AE 09 6D 54 3A   10 58 1D 40 53 4E A7 CA  C....mT:.X.@SN..

0030: 48 2E 6C FE ED 99 16 96   99 9F AD E8 F8 BE E7 F0  H.l.............

0040: A0 42 ED 62 29 A0 AB A4   26 B3 16 1D BF BE 9B 7A  .B.b)...&......z

0050: EE F2 DB 6A DE C9 9B C5   7F DA 06 CF 9F 64 9D E4  ...j.........d..

0060: 0C 5D 2E 1D 10 F5 F9 7D   05 89 0A B3 F3 72 B9 0B  .]...........r..

0070: 39 15 19 8A 5E 57 6A 1F   5C E7 F9 D7 29 42 15 AA  9...^Wj.\...)B..

0080: CD EA BA F2 71 B7 EB B8   F6 D7 A7 60 34 0C FF FA  ....q......`4...

0090: 5D DD 49 45 B5 23 60 4F   E4 E3 09 A9 EF DF CD 41  ].IE.#`O.......A

00A0: EA B8 75 23 5B 82 D7 B6   3E 17 1F 45 30 6F CE CF  ..u#[...>..E0o..

00B0: 55 E5 6A 65 C9 C1 5C 19   5F B0 98 66 F9 17 71 A9  U.je..\._..f..q.

00C0: 38 92 29 57 19 3F 2B B6   8F 58 8B B5 3E 94 23 E3  8.)W.?+..X..>.#.

00D0: 76 D3 40 8B F7 93 4F 64   2D 8B 62 EF C2 D1 1F B5  v.@xxxxx-.b.....

00E0: 02 94 7B 94 D7 2B D6 84   08 5C B0 0E EC 4C 51 E2  .....+...\...LQ.

00F0: AD 09 5A 1F 87 A0 30 E4   BF 28 E8 D7 1F DB 27 3B  ..Z...0..(....';

 

]

***

%% Invalidated:  [Session-14627, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

Thread-9622, SEND TLSv1.2 ALERT:  fatal, description = certificate_unknown

Thread-9622, WRITE: TLSv1.2 Alert, length = 2

[Raw write]: length = 7

0000: 15 03 03 00 02 02 2E                               .......

Thread-9622, called closeSocket()

Thread-9622, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available

 

When JVM is restarted, and users perform transaction, the application receives success message and debug captured is the following.

 

Algorithm: [SHA256withRSA]

  Signature:

0000: 77 7C 68 19 57 39 A2 72   97 D3 73 BF 03 88 24 C4  w.h.W9.r..s...$.

0010: 96 B0 52 87 64 D0 A1 4C   C5 B5 6B 9A 41 CA 0B BE  ..R.d..L..k.A...

0020: 43 8A D5 AE 09 6D 54 3A   10 58 1D 40 53 4E A7 CA  C....mT:.X.@SN..

0030: 48 2E 6C FE ED 99 16 96   99 9F AD E8 F8 BE E7 F0  H.l.............

0040: A0 42 ED 62 29 A0 AB A4   26 B3 16 1D BF BE 9B 7A  .B.b)...&......z

0050: EE F2 DB 6A DE C9 9B C5   7F DA 06 CF 9F 64 9D E4  ...j.........d..

0060: 0C 5D 2E 1D 10 F5 F9 7D   05 89 0A B3 F3 72 B9 0B  .]...........r..

0070: 39 15 19 8A 5E 57 6A 1F   5C E7 F9 D7 29 42 15 AA  9...^Wj.\...)B..

0080: CD EA BA F2 71 B7 EB B8   F6 D7 A7 60 34 0C FF FA  ....q......`4...

0090: 5D DD 49 45 B5 23 60 4F   E4 E3 09 A9 EF DF CD 41  ].IE.#`O.......A

00A0: EA B8 75 23 5B 82 D7 B6   3E 17 1F 45 30 6F CE CF  ..u#[...>..E0o..

00B0: 55 E5 6A 65 C9 C1 5C 19   5F B0 98 66 F9 17 71 A9  U.je..\._..f..q.

00C0: 38 92 29 57 19 3F 2B B6   8F 58 8B B5 3E 94 23 E3  8.)W.?+..X..>.#.

00D0: 76 D3 40 8B F7 93 4F 64   2D 8B 62 EF C2 D1 1F B5  v.@xxxxx-.b.....

00E0: 02 94 7B 94 D7 2B D6 84   08 5C B0 0E EC 4C 51 E2  .....+...\...LQ.

00F0: AD 09 5A 1F 87 A0 30 E4   BF 28 E8 D7 1F DB 27 3B  ..Z...0..(....';

 

]

***

Found trusted certificate:

 

So we are not able to figure out if there is an issue with certificate or key store or certificate chain. Any guidance/assistance in this regard to address the issue will be highly appreciated.

 

Please revert in case you need any additional details/information to provide guidance.

 

Thank you in advance.

 

Regards,
Rao KV


Disclaimer

This e-mail and the attachments thereto contain confidential information and are intended only for the individual to whom it is addressed. If you are not the intended addressee, then you are hereby notified that dissemination, distribution, disclosure, copying or taking any action in reliance on the contents, of this email and/or its attachments are strictly prohibited and shall entail legal consequences. You are requested to notify the sender immediately by return e-mail that you have received this e-mail by mistake and delete this e-mail from your system.

Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of i-exceed. 

E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of the e-mail transmission.

i-exceed technology solutions, www.i-exceed.com 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux