Romowski Romowski - 28 days ago 6
Java Question

SSL authentication not works in Mule ESB project (illegal_parameter)

I wrote some code which authenticates in HTTPS server over SSL. It working fine.

Now I have to move this part to my Mule ESB project.

Here is my working method:

public boolean authenticate() {
try {
System.setProperty("jsse.enableSNIExtension", "false");
System.setProperty("com.sun.net.ssl.enableECC", "false");

CookieManager manager = new CookieManager();
manager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
CookieHandler.setDefault(manager);

URL url = new URL("https://...");
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();

con.setRequestMethod("GET");
con.setUseCaches(false);
con.setInstanceFollowRedirects(true);
con.setConnectTimeout(5000);
con.setReadTimeout(5000);

// KeyStore
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("PATH/TO/.P12/file"), "P12password".toCharArray());
keyManagerFactory.init(keyStore, "P12password".toCharArray());
// ---

// TrustStore
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("PATH/TO/.JKS/file"), "JKSpassword".toCharArray());
trustManagerFactory.init(trustStore);
// ---

SSLContext context = SSLContext.getInstance("SSLv3");
context.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());

con.setSSLSocketFactory(context.getSocketFactory());

con.getContent();
CookieStore cookieJar = manager.getCookieStore();
List<HttpCookie> cookies = cookieJar.getCookies();
for (HttpCookie cookie: cookies) {
if (COOKIE_NAME.equals(cookie.getName())) {
COOKIE_VALUE = cookie.getValue();
return true;
}
}
return false;
} catch (Exception e) {
e.printStackTrace();
return false;
}
}


In Mule ESB project I call authenticate in processor:

@Override
public MuleEvent process(MuleEvent event) throws MuleException {
MuleMessage message = event.getMessage();

try {
String payloadString = new String(message.getPayloadAsBytes());
LOGGER.info("\nMessage payload:\n" + payloadString + "\n\n");

String xml = extractXMLFromSOAPMessage(payloadString);
LOGGER.info("\nXML: " + xml + "\n\n");

if (authenticate()) {
//send request to server
}
} catch (Exception e) {
LOGGER.error("EXCEPTION: " + e.getMessage());
e.printStackTrace();
}

return event;
}


On this line
con.getContent();
exception is raised: SSLException: Received fatal alert: illegal_parameter

This error also appeared in my JAVA project. But adding these parameters helped:

System.setProperty("jsse.enableSNIExtension", "false");
System.setProperty("com.sun.net.ssl.enableECC", "false");


Both JAVA and Mule are on the same machine.

Thanks in advance!

P.S. Sorry for my english (:




Solution is turned out to be very simple.

System.setProperty
not working in Mule project.

So all JVM parameters can be configured in MULE_HOME/conf/wrapper.conf.

Here is my solution:

wrapper.java.additional.16=-Djsse.enableSNIExtension=FALSE
wrapper.java.additional.17=-Dcom.sun.net.ssl.enableECC=FALSE


Thank to Vijay Pande.

Answer

Have you tried setting JVM parameters as described in mule documentation.