Resolving SSL Renegotiation issue in OSB – IIS Server 2 way SSL

A friend of mine recently faced this SSL handshake issue when configuring OSB to do 2-way SSL with an IIS server hosted by Microsoft. OSB was on the client side and was trying to access a web service provided by the Windows Live platform. The endpoint OSB connected to was an IIS server, which performed the SSL handshake with OSB. The OSB side was configured correctly with the PKI credential mapper, service key provider, etc.
The stack trace below was returned for the error with SSL debugging turned on.
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default KeyAgreement for algorithm ECDH>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DESede/CBC/NoPadding>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DES/CBC/NoPadding>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm AES/CBC/NoPadding>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSL Session TTL :90000>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loading server SSL identity>
####<07/12/2011 12:12:09 PM EST> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias XXXXXX from the jks keystore file XXXXXXX.jks.>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Loaded public identity certificate chain:>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=XXXXXXX, OU=IT, O=XXXXXXX, L=XXXXX, ST=XXXXX, C=XXXXX; Issuer: CN=XXXXXXXXXX, OU=IT, O=XXXXXX, L=XXXX, ST=XXXX, C=XXX>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
####<07/12/2011 12:12:09 PM EST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file YYYYYYYYYYY.jks.>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loaded 4 trusted CAs from YYYYYYYYYYY.jks>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=XXXXXX, OU=IT, O=XXXXXXXX, L=XXXXXX, ST=XXXXXX, C=AU; Issuer: CN=XXXXXXX, O=XXXX, C=XXXXX>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=thawte Primary Root CA, OU=”(c) 2006 thawte, Inc. – For authorized use only”, OU=Certification Services Division, O=”thawte, Inc.”, C=US; Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=Thawte SSL CA, O=”Thawte, Inc.”, C=US; Issuer: CN=thawte Primary Root CA, OU=”(c) 2006 thawte, Inc. – For authorized use only”, OU=Certification Services Division, O=”thawte, Inc.”, C=US>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=ZZZZZZZZ, OU=ZZZZ, O=ZZZZZZ, L=ZZ, ST=ZZZZZ, C=ZZZZ; Issuer: CN=ZZZZZZZZ, OU=ZZZZZZZZ, OU=ZZZZZZZ, O=ZZZZ, C=ZZZZZ>
####<07/12/2011 12:12:09 PM EST> <Info> <WebLogicServer> <BEA-000307> <Exportable key maximum lifespan set to 500 uses.>
####<07/12/2011 12:12:09 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 64750357>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <64734525 SSL3/TLS MAC>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <64734525 received HANDSHAKE>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
####<07/12/2011 12:12:17 PM EST> <Debug> <SecuritySSL> <BEA-000000> <64058782 SSL3/TLS MAC>
####<07/12/2011 12:12:17 PM EST> <Debug> <SecuritySSL> <BEA-000000> <64058782 received HANDSHAKE>
####<07/12/2011 12:12:17 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 100
java.lang.Exception: New alert stack
….
The key is alert type 100, which the wiki page on Transport Layer Security says is a No Renegotiation alert. Researchers recently discovered a security vulnerability in SSL renegotiation (google for details), which led many SSL implementations to disable this feature. The OSB domain had the default SSL configuration, i.e. it used the default Certicom implementation for SSL.
SSL renegotiation is not supported by Certicom by default. To enable it again, set the flag -Dweblogic.security.SSL.enable.renegotiation=true in setDomainEnv. As per Oracle support, this is documented only in Oracle internal documentation.
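To spot this condition in a WebLogic SSL debug log without reading it line by line, the sketch below decodes alert lines into TLS alert names and records which handshake messages preceded them. It is an added example, not code from the original post or from Oracle; the function name triage and the regular expressions are assumptions based on the log format shown above, and the sample input is an excerpt of that log.

```python
import re

# TLS alert descriptions from RFC 5246 section 7.2 (subset useful for handshake triage).
TLS_ALERTS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    40: "handshake_failure", 42: "bad_certificate", 43: "unsupported_certificate",
    44: "certificate_revoked", 45: "certificate_expired", 46: "certificate_unknown",
    48: "unknown_ca", 70: "protocol_version", 80: "internal_error",
    100: "no_renegotiation",
}

# Assumed layout of a WebLogic log record: ####<timestamp> <level> <subsystem> <id> <message
LINE_RE = re.compile(r"^####<(?P<ts>[^>]+)> <(?P<level>[^>]+)> <(?P<subsys>[^>]+)> <(?P<id>BEA-\d+)> <(?P<msg>.*)$")
ALERT_RE = re.compile(r"NEW ALERT with Severity: (?P<sev>\w+), Type: (?P<type>\d+)")
HS_RE = re.compile(r"HANDSHAKEMESSAGE: (\w+)")

# Excerpt of the debug log quoted in the post above.
SAMPLE = """\
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
####<07/12/2011 12:12:10 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
####<07/12/2011 12:12:17 PM EST> <Debug> <SecuritySSL> <BEA-000000> <64058782 received HANDSHAKE>
####<07/12/2011 12:12:17 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 100
"""

def triage(log_text):
    """Return one finding per SSL alert, with the handshake messages logged before it."""
    seen, findings = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group("subsys") != "SecuritySSL":
            continue  # stack-trace lines and other subsystems are ignored
        msg = m.group("msg")
        hs = HS_RE.search(msg)
        if hs:
            seen.append(hs.group(1))
            continue
        alert = ALERT_RE.search(msg)
        if alert:
            code = int(alert.group("type"))
            findings.append({
                "timestamp": m.group("ts"),
                "severity": alert.group("sev"),
                "type": code,
                "name": TLS_ALERTS.get(code, "unknown"),
                "after_handshake_messages": list(seen),
                "renegotiation_refused": code == 100,
            })
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```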
What is SSL Renegotiation?
Check this infoq link to understand the anatomy of an SSL handshake. In short, SSL communication starts with a handshake where certificates and session keys are exchanged between client and server. Once the handshake is complete, all further communication is for exchanging data. If a handshake is re-initiated in the middle of data exchange, that is called SSL renegotiation. This can be initiated either by the client or the server. In this case, the IIS server started the renegotiation to request the client certificate. This was in contrast to the usual 2-way SSL server behaviour, where client certificates are requested by the server in the initial handshake before any data exchange.
About atheek

I am a Weblogic consultant working in Middleware/Integration area.