WebSphere 4.0.x EJB client fails to contact WebSphere 5.0.x EJB when security was enabled.

Technote (FAQ)
Problem
Client application to server connection works properly on WebSphere 4.0.x to 4.0.x and from 5.0.x to 5.0.x. Client connections failed for WebSphere 4.0.x client to 5.0.x server.

Stack traces showed following messages:
Ý14.08.03 03:02:59:514 CEST¨ 515445 ORBRas X
com.ibm.CORBA.iiop.IIOPConnection send(IIOPOutputStream, OneWay)
RM1:ldapmon The following exception was logged
java.io.IOException: Socket Closed
at java.net.PlainSocketImpl.getOutputStream(PlainSocketImpl.java:487)
at java.net.Socket$2.run(Socket.java:350)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.Socket.getOutputStream(Socket.java:347)
at com.ibm.sslite.bb.a(bb.java)
at com.ibm.sslite.k.a(k.java)
at com.ibm.sslite.l.<init>(l.java)
at com.ibm.sslite.bb.a(bb.java)
at com.ibm.sslite.bb.<init>(bb.java)
at com.ibm.jsse.bd.a(Unknown Source)
at com.ibm.jsse.b.a(Unknown Source)
at com.ibm.jsse.b.write(Unknown Source)
at com.ibm.CORBA.iiop.CommTraceOS.writeTo(CommTraceOS.java:88)
at com.ibm.CORBA.iiop.IIOPConnection.send(IIOPConnection.java:1428)
at com.ibm.CORBA.iiop.IIOPConnection.locate(IIOPConnection.java:1834)
at com.ibm.CORBA.iiop.GIOPImpl.locate(GIOPImpl.java:194)
at
com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1070

ORB and JSSE traces shows that the reason for the Socket being closed is because of a
"unknown certificate" error.
Cause
In this case WebSphere's default dummykey files were being used on both servers. WebSphere 5.0.x is using a new, different, set of self-signed certificates than is being used in the 4.0.x version.
Solution
Export the certificate from the WebSphere 5.0.x server's DummyServerKeyfile.jks and import the certificate into the WebSphere's 4.0.x DummyServerTrustfile.jks, DummyClientKeyfile.jks and DummyClientTrustfile.jks.

NOTE: It is NEVER recommended to use the default key files in production environments.

See the infocenter for further information on using the Ikeyman tool for creating and editing keyring files.












Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security
Operating system(s): Multi-Platform
Software version: 3.5, 4.0, 5.0
Reference #: 1177013
IBM Group: Software Group
Modified date: 2004-08-14