Java Agents 5.x and AM 6.x fail to install on IBM WebSphere when SSL is enabled
The purpose of this article is to provide assistance if Java Agents and AM fail with "java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory", when installing on IBM® WebSphere® with SSL is enabled. Additionally, this issue only occurs when using an IBM JVM.
1 reader recommends this article
Symptoms
The following error is shown in the Agent or AM install log after the failed install attempt:
09/23/2016 19:10:05:930 EDT] ValidateURL.isServerUrlValid threw exception : java.net.SocketException: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory at javax.net.ssl.DefaultSSLSocketFactory.a(SSLSocketFactory.java:7) at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:1) at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:62) at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:19) at com.ibm.net.ssl.www2.protocol.https.b.connect(b.java:57) at com.sun.identity.install.tools.configurator.ValidateURL.isServerURLValidInternal(ValidateURL.java:103) at com.sun.identity.install.tools.configurator.ValidateURL.access$000(ValidateURL.java:44) at com.sun.identity.install.tools.configurator.ValidateURL$URLValidatorProxy.run(ValidateURL.java:350) at java.lang.Thread.run(Thread.java:736) Caused by: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactoryRecent Changes
N/A
Causes
The IBM JVM does not contain any SSL implementation classes, which means com.ibm.websphere.ssl.protocol.SSLSocketFactory
is not found during the install process.
This is a known issue with WebSphere when SSL is enabled: Cannot find the specified class com.ibm.websphere.ssl.protocol.SSLSocketFactory
Solution
This issue can be resolved by either using the OpenJDK or Oracle® JVM instead of the IBM JVM or by making changes to the java.security file (located in the /path/to/websphere/java*/jre/lib/security directory).
To change the java.security file, you need to uncomment the two default JSSE socket factories and comment out the two WebSphere specific ones, so that it looks like this:
# Default JSSE socket factories ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl # WebSphere socket factories (in cryptosf.jar) #ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory #ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactorySee Also
Related Training
N/A
Related Issue Tracker IDs
N/A