Monday, May 19, 2014

WebLogic SSL : Cipher not initialized

you can fix it by adding "-Dweblogic.security.SSL.nojce=true" to the JAVA_OPTIONS in the DOMAIN_HOME/bin/setDomainEnv.sh (and restart all).

This flag is well explained in the Oracle Doc "What does "-Dweblogic.security.SSL.nojce=true" do? Does it make WLS less secure? (Doc ID 1299207.1)" .

My understanding is that some SSL implementation requires you to be able to handle a cipher which is FIPS 140 compliant. Unless you have installed JCE , your second best bet is to use the WebLogic internal implementation - which by default is disabled. That's why you MUST explicitly enable it with this -Dweblogic.security.SSL.nojce=true.



2 comments:

el_schalo said...

We have been completely on the wrong track until one of us foud your posting.
JavaMonAmour.org helped us with our OSB11.1.1.3/11.1.1.7 - now the third time already :)

So THANKS A LOT - and keep on posting! :)

Melissa Tan said...

We recently ran into this issue after applying an F5 load balancer hot fix 11.5.1 which included SSL fixes.

So we did enable the WebLogic internal implementation with -Dweblogic.security.SSL.nojce=true as well as installed JCE in the JDK/JRE on the server where java agents were running that connected to Weblogic JMS.