IIB JSSE trace SoapRequest node

Hi Team,
Inorder to enable the JSSE SSL trace on IIB/WMB. , following the below documentation. https://www-01.ibm.com/support/docview.wss?uid=swg21300238. This says it works for HTTPRequest node. attempted the same setup for a SOAPRequest flow with EG specific trustores. The setting of the environment variable is not giving an logs in windows 10 IIB. Could you please advise if any additional adjustments needs to be done to the Env variable to make it work on SOAPRequest windows 10, IIB10. Thanks


  • No Related Posts

42873 SSL Medium Strength Cipher Suites Supported — 94437 SSL 64-bit Block Size Cipher Suites Supported (SWEET32) — 65821 SSL RC4 Cipher Suites Supported

Hi All ,

these questions pls , for the above mentioned Nessus issue :

in Unix Aix 6.1 Server with ssh and openssl 1.0.2k , java sdk 6 (64bit)
and java 131 and 141 (but only 32 bit, not 64 mh..) ,

i have checked java security files .. there are no the FIPS :
-r–r–r– 1 bin bin 132 May 16 10:51 javaws.policy
-r–r–r– 1 bin bin 10051 May 16 10:51 java.security
-r–r–r– 1 bin bin 2854 May 16 10:51 java.policy

List of providers and their preference orders (see above):


openssl ciphers -V , gives me all the 64bit SSLV3 Ciphers/MACs , for the SSL usage

no restrictions ,

only few TLS v.1.2 Ciphers/MACS that will be perfect for me .with AES 128 Bit

So … ,

gentily somebody could tell me how i can configure for having in the major part of the connnections , if not all the connnections, SSL usage with TLS v 1.2 Ciphers/MACs type, and ,limiting strongly SSLv3 usage ?

Thanx a lot for what you could suggest.

All the best.



Illegal Argument Exception for UUID using newly upgraded UCD 6.2.4 when trying to upload artifacts


First a little background:
we came from UCD 6.1.1 and recently updated to 6.2.4 successfully. We have some components with artifacts and some without. Our RTC build pushes new versions into the UCD repository and the new versions show up correctly. However the problem starts when RTC tries to add artifacts to the components. We get this error:

2017-04-05 17:22:30,019 ERROR https-jsse-nio- com.urbancode.commons.web.filter.ExceptionHandlingFilter – java.lang.IllegalArgumentException: Invalid UUID string: stored-procedures.6.1.0
java.lang.IllegalArgumentException: Invalid UUID string: stored-procedures.1.1.2
at java.util.UUID.fromString(UUID.java:194)
at com.urbancode.commons.webext.util.JSONUtilities.getUUIDFromJsonObject(JSONUtilities.java:59)
at com.urbancode.ds.web.cli.internal.rest.VersionCLIInternalResource.stageVersionFile(VersionCLIInternalResource.java:222)

I cut the error message here since the “helpful” info is already there (I could also post the whole message if necessary) The UUID.fromString method does not accept our string “stored-procedure.1.1.2” and detects it as an invalid argument. This worked fine in UCD 6.1.1 (also with openJDK 1.7 java while we have 1.8 now with the new server) So does anyone have any clue why the name was accepted before and is not accepted anymore?


z/OS Connect EE V2.0.7 ssl handshake failing – javax.net.ssl.SSLHandshakeException: null cert chain

We are not able to get our SSL connection to our z/OS Connect EE server to complete. The browser keeps getting ssl handshake failures.

We are expecting a popup in our browser to enter the userid and password over ssl. Our server.xml has the following for security setup…


We turned on the following tracing to see if we could determine why the handshake fails.

Also in the zCEE server startup JCL in the //STDENV DD we added the JSSE tracing option and then restarted the server.


The trace shows the following fatal ssl handshake exception…

[3/2/17 23:37:32:219 EST] 000000c4 SystemOut
O *** ServerHelloDone
[3/2/17 23:37:32:219 EST] 000000c4 SystemOut
O Default Executor-thread-143, WRITE: TLSv1.2
Handshake, length = 5111
[3/2/17 23:37:32:226 EST] 0000009c SystemOut
O Default Executor-thread-103, READ: TLSv1.2
Handshake, length = 7
[3/2/17 23:37:32:226 EST] 0000009c SystemOut
O *** Certificate chain
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O ***
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O Default Executor-thread-103, fatal error: 40:
null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O %% Invalidated: [Session-4,
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O Default Executor-thread-103
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O fatal,
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O description = handshake_failure
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O Default Executor-thread-103, WRITE: TLSv1.2
Alert, length = 2
[3/2/17 23:37:32:227 EST] 0000009c SystemOut
O Default Executor-thread-103, fatal: engine
already closed. Rethrowing javax.net.ssl.SSLHandshakeException: null
cert chain

We still cannot understand why the ssl handshake is failing…any suggestions?


SSL client authentication: It’s a matter of trust

This article introduces client authentication with SSL (Secure Sockets Layer, a security protocol), discusses its benefits and explains how to set up SSL client authentication on a Domino 4.6 or 4.6.1 server.