soalicious: March 2020

Wednesday, March 18, 2020

https service call - java.security.cert.CertPathValidatorException: Certificate chaining error

While we try to call a https external service from SOA composites, we face following kind of certificate error:
Error:
oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://external-service/soap/V2.ASMX" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error

Solution:
We need to import the certificate of this service to weblogic server lib location and then restart the impacted servers.

check steps here 12c-soa-weblogic-certificate-import.

12c - keytool - Delete certificate from Java Keystore using alias name

Solution
We need alias name to delete a specific certificate from java keystore.

Please use the following command:
Syntax:
keytool -delete
-alias keyAlias
-keystore keystore-name
-storepass password

Example:
/usr/java8_64/bin/keytool -delete -alias cavent -keystore SOAKeysTrust.jks -storepass CUSTOMPASS

here /usr/java8_64/bin/ is the java bin path added.

12c SOA -UMS Adapter send outbound email

To send an outbound email, we have to configure following 2 steps:

Email driver setup.
UMS adapter configurations.

Here I will show you the UMS adapter configuration and send outbound emails without attachment.

Implementation:
Create a SOA project.

Create a XSD:

<?xml version='1.0' encoding='windows-1252'?>

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.email.soa" targetNamespace="http://www.email.soa" elementFormDefault="qualified">

<xsd:element name="EmailInput" type="EmailType"/>

<xsd:complexType name="EmailType">

<xsd:sequence>

<xsd:element name="Email">

<xsd:complexType>

<xsd:sequence>

<xsd:element name="EmailContent" type="xsd:string"/>

<xsd:element name="EmailSubject" type="xsd:string"/>

<xsd:element name="From" type="xsd:string"/>

<xsd:element name="To" type="xsd:string"/>

<xsd:element name="EmailAttachmentString" type="xsd:string"/>

</xsd:sequence>

</xsd:complexType>

</xsd:element>

</xsd:sequence>

</xsd:complexType>

</xsd:schema>

UMS Adapter Configuration:

Create a BPEL Process

Take a invoke and call the UMS partnerlink

Assign the email content.

In the invoke properties, we will assign the jca to from etc. properties.

Deploy and test

Tuesday, March 17, 2020

12c SOA - JMS Message rollback

Introduction:
When a JMS adapter consumes a message from a Weblogic JMS queue/topic, the message is removed from it. Imagine a situation where a SOA process consumes a messages from a JMS through JMS adapter but the process fails before its execution is complete. This will lead to message loss as the message was already removed from the JMS and cannot be recovered even if the SOA transcation is rolled back. JMS adapter in Oracle SOA behaves as an asynchronous service (one-way service). This will cause the BPEL engine to split the execution into two parts.

First, and always inside the caller transaction, the insert into the dlv_message table, and
secondly the transaction & new thread that executes the workitems, and creates a new instance.

Hence the JMS adapter and the SOA components (BPEL and Mediators) work in different transactions. The message consumed by JMS adapter from JMS is stored in dlv_message table and the transaction is committed. The BPEL worker threads then picks up the message from the dlv_message and executes in a different transaction.In case of any error in the BPEL process the message from the JMS is lost and cannot be retried.

Following way we can rollback the JMS messages without losing them in case of any error in the BPEL process.

Solution: Using Synchronous process
we modify the wsdl of the JMS adapter.
The wsdl of the JMS adapter that is generated is asynchronous(one-way) we change it to synchronous.

Add an empty element in the schema of the wsdl.
<element name="empty"/>
Create a new message type.
<wsdl:message name="Ignore_Message_msg">
<wsdl:part name="ignore" element="empty"/>
</wsdl:message>
Add an output to the operation in the wsdl with the newly created message.
<wsdl:output message="tns:Ignore_Message_msg"/>
This will make the wsdl as synchronous.

In the BPEL, add a reply activity and connect it to the JMS adapter, when asked for variable just mention the message type you have just created in the wsdl.