Dealing with SSL issues is no fun, especially when you have no debug logs and all you see is an ugly ‘Page Cannot be displayed’ in your browser.
Thankfully you can easily enable SSL debug on your Application to start seeing verbose logs that will clearly show the SSL handshake process. Here is how to do it:
Add the following JVM command line parameter and restart the Application Server:
-Djavax.net.debug=all
Note that since it is a Java System Property ( used by JSSE – Java Secure Sockets Extension), it will work on any JEE ApplicationServer such as WebSphere, WebLogic, Jboss, Tomcat etc.
How to do this in WebSphere ?
Depending on your WAS version, adding the above parameter is typically done by navigating to WAS Admin Console > Servers > Application Servers > YourServer > Process Management > Java Virtual Machine > Generic JVM arguments
The verbose logs will usually go to SystemOut.log
Note: If you are unable to update System Property via the java command line above for whatever reason, try OS level network packet monitoring tool first. Now what exactly are they? If you are running on Unix/Linux, try ‘snoop/tcpdump’. On windows, you are in luck – use Microsoft Network Monitor, a very powerful tool. You can also try wireshark (etheral) on Windows.