Weblogic: даже после предоставления собственного HostName Verifier ---- та же проблема SSL - PullRequest
Новая
       0

Weblogic: даже после предоставления собственного HostName Verifier ---- та же проблема SSL

1 голос
/ 03 февраля 2012

Эксперты!

Я изо всех сил пытался заставить мой клиент Webservice (используя https URL) работать в Weblogic Server 10.3.2, что вызывало проблему, как показано ниже:

3 февраля 2012 г. 10:50:28 EST Предупреждение Безопасность BEA-090504 Цепочка сертификатов получена от apcple.XXX.com - 113.128.90.16 Не удалось проверить имя хоста.Сертификат содержал apcple.XXX.com, но ожидаемую проверку apcple.XXX.com

Если я отключаю проверку имени хоста, используя -Dweblogic.security.SSL.ignoreHostnameVerification = true , кодРАБОТАЕТ нормальноНет проблем.Но это НЕ то, что нужно.

a) Я включил отладки SSL weblogic.

b) Я ввел свой Custom HostNameVerifier и предоставил его через консоль, в журналах я вижу, что Мой пользовательский верификаторвыбирается и выполняет сравнение имени хоста с URL-адресом хоста по сравнению с CN-именем Certiicate, и оно успешно завершается, и код возвращает true.

c) Если вы видите операторы отладки SSL, соединение с сервером установлено и в первый раз оно пытаетсяпроверить цепочку сертификатов 0, 1, 2 и ЗАГРУЗИТЬ my CUSTOM HostName Verifier.

d) После нескольких пройденных строк, он снова пытается проверить сертификаты в той же серии, и ВТОРОЙ раз он НЕ загружал My Custome HostName Verifier AND FAILSсо стандартной ошибкой безопасности BEA, как указано выше.

Не могли бы вы помочь мне выяснить, чего не хватает?

Любая помощь в этом отношении будет высоко оценена.

ПОСМОТРЕТЬ SNIPPET ЗАЯВЛЕНИЙ ОТЛАДКИ SSL 

Feb 3, 2012 10:50:23 AM EST Info WebLogicServer BEA-000307 Exportable key maximum      lifespan set to 500 uses. 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Filtering JSSE SSLSocket
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 SSLIOContextTable.addContext(ctx): 30958379
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 SSLSocket will  be Muxing 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 write SSL_20_RECORD 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 received HANDSHAKE 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: ServerHello 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: Certificate 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Validating certificate 0 in  the chain: Serial number: 1208925819615937499602513
Issuer:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Subject:C=US, ST=Texas, L=Irving, O=XXX LLC, OU=ns, EMAIL=aes.eng@XXX.com,    CN=apcple.XXX.com
Not Valid Before:Fri Jun 17 10:48:17 EDT 2011
Not Valid After:Sun Jun 17 10:48:17 EDT 2012
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Validating certificate 1 in the chain: Serial number: 120010508
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Not Valid Before:Wed Sep 08 13:35:16 EDT 2010
Not Valid After:Tue Sep 08 13:34:08 EDT 2020
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Validating certificate 2 in the chain: Serial number: 33554617
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Not Valid Before:Fri May 12 14:46:00 EDT 2000
Not Valid After:Mon May 12 19:59:00 EDT 2025
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 validationCallback:   validateErr = 0 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000   cert[0] = Serial number:  1208925819615937499602513
Issuer:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Subject:C=US, ST=Texas, L=Irving, O=XXX LLC, OU=ns, EMAIL=aes.eng@XXX.com,  CN=apcple.XXX.com
Not Valid Before:Fri Jun 17 10:48:17 EDT 2011
Not Valid After:Sun Jun 17 10:48:17 EDT 2012
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000   cert[1] = Serial number: 120010508
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Not Valid Before:Wed Sep 08 13:35:16 EDT 2010
Not Valid After:Tue Sep 08 13:34:08 EDT 2020
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000   cert[2] = Serial number: 33554617
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Not Valid Before:Fri May 12 14:46:00 EDT 2000
Not Valid After:Mon May 12 19:59:00 EDT 2025
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 weblogic user specified   trustmanager validation status 0 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 SSLTrustValidator returns: 0 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Trust status (0): NONE 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Performing hostname  validation checks: apcple.XXX.com 


############ BELOW  6 LINES INDICATES MY CUSTOM HOST NAME VERIFIER GOT PICKED UP ########
Custom HostName Verifier Called =com.XXX.sys.WeblogicHostNameVerifier
Rcvd. Host Name=apcple.XXX.com SSL Session=javax.net.ssl.impl.SSLSessionImpl@1760238
Parsing COMMON Name from Certificates 
getPeerLeafCert()....Start
Parsed CN = apcple.XXX.com
HOST NAME AND COMMON NAME MATCH FOUND 


Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: ServerHelloDone 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE  Mac: SunJCE version 1.6 for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm MD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Using JCE Cipher: SunJCE version 1.6 for algorithm RC4 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Using JCE Cipher: SunJCE version 1.6 for algorithm RSA 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 write HANDSHAKE, offset = 0, length = 262 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 write CHANGE_CIPHER_SPEC, offset = 0, length = 1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Using JCE Cipher: SunJCE version 1.6 for algorithm RC4 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HMACMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 write HANDSHAKE, offset = 0, length = 16 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 received CHANGE_CIPHER_SPEC 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Using JCE Cipher: SunJCE version 1.6 for algorithm RC4 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HMACMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 746666 received HANDSHAKE 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: Finished 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE  Mac: SunJCE version 1.6 for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacMD5 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 Will use default Mac for algorithm HmacSHA1 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 write APPLICATION_DATA, offset = 0, length = 193 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=0, length=8192) 
Feb 3, 2012 10:50:23 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 143 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 143 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 143 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=143, length=8049) 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 3819 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 3819 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 3819 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=3962, length=4230) 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 8 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 8 
Feb 3, 2012 10:50:24 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 8 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 write APPLICATION_DATA, offset = 0, length = 193 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=3970, length=4222) 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 143 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 143 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 143 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=4113, length=4079) 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 3819 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 3819 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 3819 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read(offset=7932, length=260) 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 SSL3/TLS MAC 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 746666 received APPLICATION_DATA: databufferLen 0, contentLength 8 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read databufferLen 8 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 31771821 read A returns 8 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 SSLSetup: loading trusted CA certificates 
Feb 3, 2012 10:50:25 AM EST Notice Security BEA-090898 Ignoring the trusted CA  certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11. 
Feb 3, 2012 10:50:25 AM EST Notice Security BEA-090898 Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11. 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 clientInfo has HostnameVerifier 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Filtering JSSE SSLSocket 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 SSLIOContextTable.addContext(ctx): 25583909 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 SSLSocket will  be Muxing 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 write SSL_20_RECORD 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 isMuxerActivated: false 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 28097422 SSL3/TLS MAC 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 28097422 received HANDSHAKE 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: ServerHello 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 HANDSHAKEMESSAGE: Certificate 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Validating certificate 0 in  the chain: Serial number: 1208925819615937499602513
Issuer:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Subject:C=US, ST=Texas, L=Irving, O=XXX LLC, OU=ns, EMAIL=aes.eng@XXX.com,   CN=apcple.XXX.com
Not Valid Before:Fri Jun 17 10:48:17 EDT 2011
Not Valid After:Sun Jun 17 10:48:17 EDT 2012
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Validating certificate 1 in  the chain: Serial number: 120010508
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Not Valid Before:Wed Sep 08 13:35:16 EDT 2010
Not Valid After:Tue Sep 08 13:34:08 EDT 2020
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Validating certificate 2 in  the chain: Serial number: 33554617
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Not Valid Before:Fri May 12 14:46:00 EDT 2000
Not Valid After:Mon May 12 19:59:00 EDT 2025
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 validationCallback: validateErr = 0 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000   cert[0] = Serial number: 1208925819615937499602513
Issuer:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Subject:C=US, ST=Texas, L=Irving, O=XXX LLC, OU=ns, EMAIL=aes.eng@XXX.com,     CN=apcple.XXX.com
Not Valid Before:Fri Jun 17 10:48:17 EDT 2011
Not Valid After:Sun Jun 17 10:48:17 EDT 2012
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000   cert[1] = Serial number: 120010508
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:O=Cybertrust Inc, CN=Cybertrust Public SureServer SV CA
Not Valid Before:Wed Sep 08 13:35:16 EDT 2010
Not Valid After:Tue Sep 08 13:34:08 EDT 2020
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000   cert[2] = Serial number: 33554617
Issuer:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Subject:C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
Not Valid Before:Fri May 12 14:46:00 EDT 2000
Not Valid After:Mon May 12 19:59:00 EDT 2025
Signature Algorithm:SHA1withRSA

Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 weblogic user specified trustmanager validation status 0 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 SSLTrustValidator returns: 0 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Trust status (0): NONE 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Performing hostname validation checks: apcple.XXX.com 
Feb 3, 2012 10:50:25 AM EST Warning Security BEA-090504 Certificate chain received  from apcple.XXX.com - 113.128.90.16 failed hostname verification check. Certificate contained apcple.XXX.com but check expected apcple.XXX.com 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 Hostname Verification failed for certificate with CommonName 'apcple.XXX.com' against hostname: apcple.XXX.com 
Feb 3, 2012 10:50:25 AM EST Debug SecuritySSL BEA-000000 NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.init(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle (Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown  Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:158)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:363)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream (SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:952)
at  com.sun.xml.ws.transport.http.client.HttpClientTransport.readResponseCodeAndMessage (HttpClientTransport.java:213)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process (HttpTransportPipe.java:172)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest (HttpTransportPipe.java:101)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
at com.sun.xml.ws.client.Stub.process(Stub.java:248)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
at $Proxy189.updateMilestone(Unknown Source)
at com.XXX.sys.apc.APCProcessor.updateMilestoneToApc(APCProcessor.java:95)
at com.XXX.sys.apc.APCProcessor.sendAsrFeed(APCProcessor.java:50)
at com.XXX.sys.apc.APCLookupBean.onMessage(APCLookupBean.java:94)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at  com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection     (AopUtils.java:310)
at  com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoin     point(ReflectiveMethodInvocation.java:182)
at   com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed        (ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke     (ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed        (ReflectiveMethodInvocation.java:171)
at    com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doPro     ceed(DelegatingIntroductionInterceptor.java:131)
at   com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invok     e(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed        (ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke   (JdkDynamicAopProxy.java:204)
at $Proxy148.onMessage(Unknown Source)
at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
at weblogic.ejb.container.internal.MDListener.transactionalOnMessage  (MDListener.java:371)
at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:327)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4585)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:4271)
at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3747)
at weblogic.jms.client.JMSSession.access$000(JMSSession.java:114)
at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5096)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)'
...