SSL minimum negotiable version configuration in SOA

Lots of web application are now using encryption. HTTP SSL encryption are very common however they are becoming old and new TLS(newer version to SSL) are getting implemented with more secure encryption and key exchange mechanism. You have decided to move your system to support latest SSL version however lots of your clients are still does not support it. A solution would be to keep your system upgraded to run on latest TLS with support to old SSL encryption.

SO, How to configure specific SSL version in SOA ? How to specify old SSL version negotiation in SOA? You can get some idea from below page.

Page Link : Minimum negotiable SSL version in SOA

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

SOA/OSB managed servers start to ADMIN State

Do you ever face situation where you found during server start, managed servers are failed to start properly and goes to ADMIN state. This happen when server failed to initiate required resources. Below page will give you some idea on this and solution to avoid such situation.

Page Link : SOA OSB managed server start to ADMIN State

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

Setup CORS Profile in Oracle API Gateway (OAG) v11.1.2.3 for REST Services

Cross origin request blocking is a security feature implemented by web browsers to prevent browser scripts making requests from a different domain. This some time causes issue when client service runs on a different domain and need to call a web service exposed on other domain.

To enable client scripts invoke REST services, different API providers have option called CORS profile which enable/allows HTTP call from cross domain from browser script.

Below page shows how to enable CORS profile in Oracle API Gateway, enabling REST call from a client(AJAX) fro a different domain.

Page Link : CORS Profile in Oracle API Gateway (OAG)

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

oracle.security.jps.JpsException: JPS-01055: Could not create credential store instance

After changing security provider from OPSS to LDAP, Admin and managed servers failed to start.

Two files jps-config.xml and jps-config-jse.xml are modified and ldap configs are defaulted for which during server startup its not able to fetch security details from OPSS schema.

Please find fix in details at below link.

Page Link : Could not create credential store instance[JPS-01055]

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

403 Forbidden Error in OSB 12.2

HTTP requests to OSB Services are resulting in 403 Forbidden error.

When the services are invoked from the OSB test console, they are working fine but external requests(e.g Invoking from soapUI) to the same services are failing with 403 Forbidden error message.

Solution:

In weblogic console, Un-target the “API Manager Starter Application” on the OSB server & restart osb server.

SSLProtocolException: handshake alert:unrecognized_name

Recently I have encountered with one issue while invoking a web service on HTTPS. It gives me error like “handshake alert:unrecognized_name” and after reading on this I found out this is because of SNI feature of TLS protocol. In this post I have included the problem statement, error message, reason and solution for the handshake error with some screen shots of steps to resolve the issue. Please find the post at below link.

Page Link: javax.net.ssl.SSLProtocolException: handshake alert:unrecognized_name

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

Generate Java Keystore from PFX file

Know how to generate keystore file from a .pfx file. The keystore file is required for SSL configuration in weblogic.  To generate keystore file here we have used OpenSSL and ImportKey.java file.

Page Link: Generate Java Keystore from PFX file using OpenSSL

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

Base64EncoderDecoder-Java Embedding-SOA-BPEL2.0

Sometime we faces situtations where we need to deal with Base 64 binary data. Check the below link to know how to use java embedding activity in BPEL 2.0 specification for Base64 Encoding and Decoding with screenshots. The post also describes some business scenarios and error descriptions related to Base64 data encoding and decoding.

Page Link: Base64EncoderDecoder-Java Embedding-SOA-BPEL2.0

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.

PKIX path building failed: SunCertPathBuilderException: unable to find valid certification path to requested target

A solution page on well known issue “PKIX path building failed: SunCertPathBuilderException: unable to find valid certification path to requested target”. Supported with Problem statement, Error message and Reason.

Page Link:   PKIX path building failed: SunCertPathBuilderException: unable to find valid certification path to requested target

Like it if you have learned something. Comment your views, queries. Any suggestion and corrections are always appreciated. Keep learning.