CipherException

I am getting "weblogic.security.CipherException: Incorrect encrypted block" error
for SSLServerCertificateChainFile. I tried to follow the instruction in
http://www.bea.com/support/askbea/wls/S-07188.shtml
but I had a problem in the very last step.
1. go to http://www.verisign.com/repository/root.html
You'll find Class I to Class III root certificates and a Server CA.
Take the plain text Server CA and save this to a file.
2. Use a conversion utility, which can be found within OpenSSL, to convert the
plain text to a .der format.
How do I convert the text file to .der format using openssl? I am sorry that
I have never used openssl before... Any help will be appreciated. Thanks.
Sumire
============== complete exception message ================
weblogic.security.CipherException: Incorrect encrypted block
at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:208)
at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
at weblogic.security.X509.verifySignature(X509.java:243)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Aug 28, 2001 4:03:40 PM PDT> <Alert> <WebLogicServer> <Inconsistent security
configuration, weblogic.security.AuthenticationException: Incorrect encrypted
block possibly incorrect SSLServerCertificateChainFileName set for this server
certificate>
weblogic.security.AuthenticationException: Incorrect encrypted block possibly
incorrect SSLServerCertificateChainFileName set for this server certificate
at weblogic.security.X509.verifySignature(X509.java:251)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)

Hi,
I have the following suggestions:
(a). If your private key for the WLS is password encrypted please check the Key
Encrypted enabled (under SSL) and use thejava command-line option to start
WebLogic Server.
-Dweblogic.management.pkpassword=password
where password is the password for the private key.
(Please see the doc.:
http://e-docs.bea.com/wls/docs61///adminguide/cnfgsec.html#1054513).
(b). Please make sure you have the RootCA file specified correctly in the
ServerCertificateChainFileName attribute of SSL. The RootCA file can be obtained
from the vendor who provided the SSL certificates. Please make sure this is
correct.
Please inform whether the above suggestions have resolved the problem.
Thank you.
Thomas Ziebermayr wrote:
Hello,
I try to install a SSL Certificate, but during server startup the following
exception occurs:
java.io.IOE
xception: weblogic.security.CipherException: Unknown PKCS5 algorithm>
java.io.IOException: weblogic.security.CipherException: Unknown PKCS5
algorithm
at
weblogic.security.RSAPrivateKeyPKCS8.input(RSAPrivateKeyPKCS8.java:14
5)
at
weblogic.security.RSAPrivateKeyPKCS8.<init>(RSAPrivateKeyPKCS8.java:1
25)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:391)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1064)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:492)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Does anybody knows what's wrong? I followed the instructions in the bea docs
for
installing ssl certificates.
Thanks for all replies
Thomas--
Developer Relations Engineer
BEA Support

Similar Messages

  • Weblogic.security.CipherException: Invalid padding length

    I am having some difficulties configuring SSL for WebLogic 6.0.2J (Japanese).
    Here is the history of my problem:
    1. A CSR was generated, but on a completely different platform (Windows) and
    for a slightly older version of WebLogic (6.0.1J)
    2. I was then brought in to install and configure WebLogic 6.0.2J on UNIX.
    3. I was then given the encrypted private key (security_net-chef_net-key.der),
    the CSR files, and the server cert from VeriSign Japan (cert.pem). I went to VeriSign
    Japan to get an intermediate CA cert (Server Chain Cert), which I saved as ca.pem.
    4. In the Admin Console, I configured the server in my target domain with: Server
    Certificate File Name = cert.pem, Trusted CA File Name = ca.pem, and Trusted CA
    File Name = security_net-chef_net-key.der.
    5. When I attempt to start my target server, I am seeing the following alert:
    ===========================================================
    <2001/08/07 13:22:25:JST> <Alert> <WebLogicServer> <&#35469;&#35388;&#12501;&#12449;&#12452;&#12523;
    config/net-chef
    /security_net-chef_net-key.der &#12395;&#12475;&#12461;&#12517;&#12522;&#12486;&#12451;
    &#12467;&#12531;&#12501;&#12451;&#12464;&#12524;&#12540;&#12471;&#12519;&#12531;&#19978;&#12398;&#21839;&#38988;&#12364;&#12354;&#12426;
    &#12414;&#12377;&#12290;java.io.IOException: weblogic.security.CipherException:
    Invalid padding le
    ngth 72>
    java.io.IOException: weblogic.security.CipherException: Invalid padding length
    7
    2
    at weblogic.security.RSAPrivateKeyPKCS8.input(RSAPrivateKeyPKCS8.java:15
    7)
    at weblogic.security.RSAPrivateKeyPKCS8.<init>(RSAPrivateKeyPKCS8.java:1
    25)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:387)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    ===========================================================
    Please note that as I am doing this on a Japanese OS, some of the above messages
    may be rendered illegible.
    If anyone out there has a clue to why I am seeing the above error, I would greatly
    appreciate your help.
    Thanks and aloha in advance,
    Brooke

    See Posting 5457.

  • Weblogic.security.CipherException: Incorrect block length 256 (modulus

    Hi,
    I have a stand alone java client which runs in the weblogic 8.1 server and when I tried to connect to the external site using the weblogic's HttpsURLConnection ,its throws the below exception.
    weblogic.security.CipherException: Incorrect block length 256 (modulus length 128)
    <Info> <Security> <BEA-090511> <The following exception has occurred:
    weblogic.security.CipherException: Incorrect encrypted block
         at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:205)
         at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
         at weblogic.security.X509.verifySignature(X509.java:246)
         at weblogic.security.X509.verify(X509.java:176)
         at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:133)
         at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
         at weblogic.security.SSL.Handshake.input(Handshake.java:121)
         at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
         at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
         at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
         at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
         at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
         at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
         at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
         at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
         at weblogic.net.http.HttpClient.New(HttpClient.java:228)
         at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
         at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:217)
         at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:319)
         at HttpsConnect.main(HttpsConnect.java:13)
    <Info> <SSL> <000000> <weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate>
    java.io.IOException: weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:172)
    at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
    at weblogic.security.SSL.Handshake.input(Handshake.java:121)
    at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
    at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
    at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
    at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
    at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
    at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
    at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
    at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
    at weblogic.net.http.HttpClient.New(HttpClient.java:228)
    at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:359)
    at HttpsConnect.main(HttpsConnect.java:13)
    I verified the certifiate chain by using the weblogic's ValidateCertChain utility, and the output seems to be confusing for the intermediate site and the entity site.
    java utils.ValidateCertChain -pem inter.cerCert[0]: CN=VeriSign Class 3 International Server CA - G3,OU=Terms of use at https://www.verisign.com/r
    pa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US
    Certificate chain is incomplete, can't confirm the entire chain is valid
    Certificate chain appears valid
    Any pointers will be appreciated.

    This might be because Verisign has included anadditional intermediate certificate in its chain
    You can find it here
    https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=search&viewlocale=en_US
    Contact Verisign Support, u can chat with them even...
    Let me know if you have any doubt.
    Cheers!
    Faisal
    http://www.weblogic-wonders.com

  • Configuring ssl giving  CipherException

    after getting certificate from verisign i opened myserver and
    on SSL tab gave the 1)Server Key File Name 2)Server Certificate File Name and
    rest all with their default value.
    but when i am restarting the weblogic it gives the following exception.
    is it compulsory to specify
    3) Server Certificate Chain File Name:....?
    exception :---------
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:216)
    at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Dec 23, 2001 4:34:47 PM GST> <Alert> <WebLogicServer> <Inconsistent security
    co
    nfiguration, weblogic.security.AuthenticationException: Incorrect encrypted bloc
    k possibly incorrect SSLServerCertificateChainFileName set for this server certi
    ficate>
    weblogic.security.AuthenticationException: Incorrect encrypted block possibly
    in
    correct SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)

    Nivas,
    ServerCeritificateChain file that is in place appears to be the wrong one.
    That is CA's root certificate, which you can download from CA site (e.g.,
    verisign)
    "nivas" <[email protected]> wrote in message
    news:3c25d005$[email protected]..
    >
    after getting certificate from verisign i opened myserver and
    on SSL tab gave the 1)Server Key File Name 2)Server Certificate File Nameand
    rest all with their default value.
    but when i am restarting the weblogic it gives the following exception.
    is it compulsory to specify
    3) Server Certificate Chain File Name:....?
    exception :---------
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:216)
    at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)
    <Dec 23, 2001 4:34:47 PM GST> <Alert> <WebLogicServer> <Inconsistentsecurity
    co
    nfiguration, weblogic.security.AuthenticationException: Incorrectencrypted bloc
    k possibly incorrect SSLServerCertificateChainFileName set for this servercerti
    ficate>
    weblogic.security.AuthenticationException: Incorrect encrypted blockpossibly
    in
    correct SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
    atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
    at weblogic.Server.main(Server.java:35)

  • CipherException: Invalid padding length

    Hello there,
    I'm having problem to get our certifikates to work properly. I've been searching
    BEA's newsgroups and found some things we've tried without any succes.
    We have two certificates for our domain because we are using an load balancer(Local
    Directory)infront of our two webservers. Our webservers have version 6.1 of WLS
    and are managed from an ServerManager(also WLS 6.1).
    We us the same ./config/mydomain directory on the ServerManager for both of our
    webserver. The filenames for each server in ./config/mydomain are different ex:
    my_domain_server1-key.der and my_domain_server2-key.der. We have also checked
    that they are correct defind for both servers under each server SSL tag.
    We have an newly fetched a CA-cert from Thawte and recived our certificates for
    this domain during this week.
    Could there be any problem with that we using the
    same ./config/mydomain directory on the ServerManager for both of our webserver?
    Or does anybody have any other suggestion of what more to check before we fetches
    new certificates?
    Regards
    Lennart

    If you are using password encryption, then please make sure KeyEncrypted field is
    enabled and please make sure the password which you set for:
    -Dweblogic.management.pkpassword is the same as value of the Private Key Password field
    of the Certificate Request Generator servlet (please go through the documentation:
    http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1053930
    for details).
    Please inform whether the problem has been resolved with the above suggestions. Thank
    you.
    Lennart wrote:
    Hello there,
    I'm having problem to get our certifikates to work properly. I've been searching
    BEA's newsgroups and found some things we've tried without any succes.
    We have two certificates for our domain because we are using an load balancer(Local
    Directory)infront of our two webservers. Our webservers have version 6.1 of WLS
    and are managed from an ServerManager(also WLS 6.1).
    We us the same ./config/mydomain directory on the ServerManager for both of our
    webserver. The filenames for each server in ./config/mydomain are different ex:
    my_domain_server1-key.der and my_domain_server2-key.der. We have also checked
    that they are correct defind for both servers under each server SSL tag.
    We have an newly fetched a CA-cert from Thawte and recived our certificates for
    this domain during this week.
    Could there be any problem with that we using the
    same ./config/mydomain directory on the ServerManager for both of our webserver?
    Or does anybody have any other suggestion of what more to check before we fetches
    new certificates?
    Regards
    Lennart--
    Developer Relations Engineer
    BEA Support

  • SSL Configuration on 4.5.1 not working with 6.0SP1

    In WL 4.5.1, this was all that was needed to enable SSL
    weblogic.security.key.server=wcid-srp-mvc.der
    weblogic.security.key.certificate=certificate.pem
    In 6.0 SP1, I used this
    <SSL Enabled="true" ListenPort="443" Name="SrpTest"
    ServerCertificateChainFileName=""
    ServerCertificateFileName="certificate.pem"
    ServerKeyFileName="wcid-srp-mvc.der" TrustedCAFileName=""/>
    and I get this error
    <Jul 30, 2001 8:18:45 AM EDT> <Info> <WebLogicServer> <License allows
    low streng
    th (export) SSL.>
    <Jul 30, 2001 8:18:45 AM EDT> <Alert> <WebLogicServer> <Security
    configuration p
    roblem with certificate file wcid-srp-mvc.der, java.lang.Exception:
    Required fil
    e wcid-srp-mvc.der which is specified by ServerKeyFileName, was not
    found>
    java.lang.Exception: Required file wcid-srp-mvc.der which is specified
    by Server
    KeyFileName, was not found
    at
    weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
    enThread.java:152)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:382)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <Jul 30, 2001 8:18:45 AM EDT> <Info> <Security> <Not listening for SSL,
    java.io.
    IOException: Security configuration problem with wcid-srp-mvc.der,
    java.lang.Exc
    eption: Required file wcid-srp-mvc.der which is specified by
    ServerKeyFileName,
    was not found.>
    Any clues to how to get this up and running would be much appreciated. I
    am in a major time crunch here.
    Is the fix different when I am using DST instead of Verisign? I need to
    get both the DST and Verisign issued certificates configures.
    Thanks a bunch
    Madhu

    Earlier, it was a problem with the directory settings in the SSL properties.
    Once I got that straightened, I get this error now.
    <Jul 30, 2001 9:55:45 AM EDT> <Info> <WebLogicServer> <License allows low
    streng
    th (export) SSL.>
    weblogic.security.CipherException: Incorrect block length 125 (modulus
    length 12
    8)
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:167)
    at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <Jul 30, 2001 9:55:45 AM EDT> <Alert> <WebLogicServer> <Inconsistent
    security co
    nfiguration, weblogic.security.AuthenticationException: Incorrect block
    length 1
    25 (modulus length 128) possibly incorrect SSLServerCertificateChainFileName
    set
    for this server certificate>
    weblogic.security.AuthenticationException: Incorrect block length 125
    (modulus l
    ength 128) possibly incorrect SSLServerCertificateChainFileName set for this
    ser
    ver certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <Jul 30, 2001 9:55:45 AM EDT> <Info> <Security> <Not listening for SSL,
    java.io.
    IOException: Inconsistent security configuration,
    weblogic.security.Authenticati
    onException: Incorrect block length 125 (modulus length 128) possibly
    incorrect
    SSLServerCertificateChainFileName set for this server certificate.>

  • Integration of BI Publisher with presentation services

    Hello,
    I have installed and configured OBI Answers and Publisher in a Linux infrastructure and configured thro' Websphere/IHS. Answers/Dashboards is working fine. I am trying to integrate BI publisher with OBI answers/dashboards. This is working fine through OC4J but when I try to integrate through Websphere, I get a crypto error.
    I have to deployed a plug-in in web server and tried to integrate BI publisher with presentation services through "cryptotools" and configuring it through instance config. When I hit http://myserver:port/xmlpserver I get "Error 500: com.phaos.crypto.CipherException ". Similarly when I select more products/BI Publisher through OBI Dashboards/Answers, I get the following
    Reporting Login: java.lang.NoClassDefFoundError: com.phaos.crypto.CipherException; nested exception is: java.lang.NoClassDefFoundError: com.phaos.crypto.CipherException
    I feel this is a common issue across both the end points. Has anyone come across this type of issue or similar issue ?
    Help is greatly appreciated.
    thx
    Dinesh

    I'm installing 10.1.3.4 and YES, i have installed BIP war in Websphere.
    I think I may have resolved my original problem but faced with a different one now. I am able to logon to BI publisher standalone and integrated with OBI Answers (thro websphere). But when i click the dashboards link from BI Publisher, its going to the default OC4J installation and not my websphere. The similar re-direction works fine from OBI - Publisher but not from Publisher - OBI.
    I need to find out, how its finding the server name and port to redirect from BIP -> OBI. Can you guys help please ?
    thx
    dinesh Veera

  • HTTPS 2-way authentication doesn't work.

    I succeeded in setting up my server (WL 6.1) to use SSL and enforce client
    authentication.
    I created a client certificate with OpenSSL, and imported it into my
    browser.
    When I request the page https://localhost:7002/
    I get following message in the log:
    CertificateVerify.md5 error____________________________
    our computed md5 is
    0: 6bd8 4b9a 1bb2 7b46 f815 2bdd a8cf de65 k.K...{F..+....e
    the actual is
    0: 3fcd 6673 4d46 4d45 654c 6bc5 9f01 a2d6 ?.fsMFMEeLk.....
    When I turn on -Dssl.debug, then I get a stack trace:
    CertificateVerify.md5 error____________________________
    our computed md5 is
    0: 6bd8 4b9a 1bb2 7b46 f815 2bdd a8cf de65 k.K...{F..+....e
    the actual is
    0: 3fcd 6673 4d46 4d45 654c 6bc5 9f01 a2d6 ?.fsMFMEeLk.....
    weblogic.security.CipherException: Invalid signature
    at
    weblogic.security.SSL.CertificateVerify.input(CertificateVerify.java:
    127)
    at weblogic.security.SSL.Handshake.input(Handshake.java:115)
    at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1043)
    at weblogic.security.SSL.SSLSocket.serverInit2(SSLSocket.java:778)
    at weblogic.security.SSL.SSLSocket.serverInit(SSLSocket.java:622)
    at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:267)
    at
    weblogic.security.SSL.SSLSocket.performAcceptHandshake(SSLSocket.java
    :238)
    at
    weblogic.security.SSL.SSLSocket.getInputStream(SSLSocket.java:1116)
    at weblogic.socket.ResettableSocket.<init>(ResettableSocket.java:30)
    at weblogic.socket.JVMSocketManager.accept(JVMSocketManager.java:90)
    at
    weblogic.t3.srvr.ListenThread$RJVMListenRequest.execute(ListenThread.
    java:563)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    Any ideas?
    Thanks,
    Lsui

    I seem to be having similar problems, was there a solution found for this?
    To set up the debug information do I need to add anything more
    than -Dssl.debug (i.e. does it take an "=true" or something like that)?
    Thanks,
    Geoff.
    "Luis Muniz" <[email protected]> wrote in message
    news:[email protected]...
    I succeeded in setting up my server (WL 6.1) to use SSL and enforce client
    authentication.
    I created a client certificate with OpenSSL, and imported it into my
    browser.
    When I request the page https://localhost:7002/
    I get following message in the log:
    CertificateVerify.md5 error____________________________
    our computed md5 is
    0: 6bd8 4b9a 1bb2 7b46 f815 2bdd a8cf de65 k.K...{F..+....e
    the actual is
    0: 3fcd 6673 4d46 4d45 654c 6bc5 9f01 a2d6 ?.fsMFMEeLk.....
    When I turn on -Dssl.debug, then I get a stack trace:
    CertificateVerify.md5 error____________________________
    our computed md5 is
    0: 6bd8 4b9a 1bb2 7b46 f815 2bdd a8cf de65 k.K...{F..+....e
    the actual is
    0: 3fcd 6673 4d46 4d45 654c 6bc5 9f01 a2d6 ?.fsMFMEeLk.....
    weblogic.security.CipherException: Invalid signature
    at
    weblogic.security.SSL.CertificateVerify.input(CertificateVerify.java:
    127)
    at weblogic.security.SSL.Handshake.input(Handshake.java:115)
    atweblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1043)
    at weblogic.security.SSL.SSLSocket.serverInit2(SSLSocket.java:778)
    at weblogic.security.SSL.SSLSocket.serverInit(SSLSocket.java:622)
    at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:267)
    at
    weblogic.security.SSL.SSLSocket.performAcceptHandshake(SSLSocket.java
    :238)
    at
    weblogic.security.SSL.SSLSocket.getInputStream(SSLSocket.java:1116)
    atweblogic.socket.ResettableSocket.<init>(ResettableSocket.java:30)
    atweblogic.socket.JVMSocketManager.accept(JVMSocketManager.java:90)
    at
    weblogic.t3.srvr.ListenThread$RJVMListenRequest.execute(ListenThread.
    java:563)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    Any ideas?
    Thanks,
    Lsui

  • SSL Certificate Install Problem

    To all Sun App Server Gurus,
    I face a major challenge trying to install an SSL certificate on our Application Server.
    The Manage Database was successful.
    I filled out the certificate request form in the Security > Certificate Management > Request section and forwared the information / CSR to the CA.
    The certificate is issued and validated by our CA.
    I follow the steps according the documentation to import the certificate.
    I specify the following to import the certificate
    1) Certificate for : o This Server
    2) Cryptographic Module: internal
    3) Key Pair File Password: **************
    4) Message Text (with headers):
    -----BEGIN CERTIFICATE-----
    U0UgT05MWSAtIE5PIFdBUlJBTlRZIEFUVEFDSE.....
    -----END CERTIFICATE-----
    5) Click OK
    The next screen shows the certificate information which are correct as well.
    After pressing "Add Server Certificate" it take about 20 seconds until I receive a pop error message. It says: "Incorrect Useage: No Private Key. The server could not find the private key associated with this certificate."
    After I click OK the Admin GUI displays the following error in the browser: "Not Found
    The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it. "
    Security > General
    Log Level: finest
    Audit Logging Enabled: unchecked
    Default Realm: file
    Anonymous Roule: ANYONE
    In the admin server log I get the following entry:
    WARNING ( 1182): for host x.x.x.x trying to GET /instance-server1/admin/bin/(null), cgi_start_exec reports: HTTP4049: cannot find CGI program /opt/SUNWappserver7/lib/admincgi/(null) (File not found)
    I checked the directories and they all exist and the admincgi even has files included. I don't know which one should be missing.
    I also reinstalled the App Server twice so far and used the default options.
    If anyone could please help me with this that would be extremly helpful.
    Thank you.
    Regards,
    Martin

    try converting your key from der2pem using
    java utils.der2pem {keyfile  in der} {keyfile out in pem}
    thanks
    kiran
    "eraldo" <[email protected]> wrote in message
    news:[email protected]..
    hi,
    I tried to install SSL certicate on a Weblogic 6.1 SP3 (running on a
    Solaris 8). Following the post 5457 (found in your newsgroup) I made
    this steps:
    - I generated CSR using web application /certificate
    - I sent CSR to Entrust.com obtaining a certicate and a chain
    certificate
    - I configured the server under "Configuration - SSL" with following
    parameters:
    - Enabled = true
    - Listen port = 8002
    - Server Key File Name = <path to private key ".der" file>
    - Server Certificate File Name = <path to Entrust CRT ".pem" file>
    - Server Certificate Chain File Name = <path to Entrust CA ".pem"
    file>
    - Key Encrypted = true
    - I changed startWebLogic.sh:
    - added "-Dweblogic.management.pkpassword=<my_pwd>" to JAVA command
    line
    Launchin' the script I got the following exception:
    <Nov 22, 2002 2:34:44 PM GMT-01:00> <Alert> <WebLogicServer> <Security
    configuration problem with ce
    rtificate file config/sdfdomain/H3MIS097_H3G_IT-key.der,
    java.io.IOException: weblogic.security.Ciph
    erException: Invalid padding length 48>
    java.io.IOException: weblogic.security.CipherException: Invalid
    padding length 48
    atweblogic.security.RSAPrivateKeyPKCS8.input(RSAPrivateKeyPKCS8.java:157)
    atweblogic.security.RSAPrivateKeyPKCS8.<init>(RSAPrivateKeyPKCS8.java:125)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:391)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
    atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1097)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:490)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:206)
    at weblogic.Server.main(Server.java:35)
    Any idea?
    Thanks in advance,
    Eraldo

  • Error adding other root certs to Weblogic

    I am using the trial 30-day version. I wonder whether it has any restrictions which
    prevent from adding new root certificates to the ca.pem file. If this is not the
    case, I will expose my problem.
    I have added a new self-signed root certificate after the one that was contained
    in the ca.pem, so there are now two root certificates:
    ********************** begin of the ca.pem file
    -----BEGIN CERTIFICATE-----
    MIICQzCCAe2gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqTELMAkGA1UEBhMCVVMx
    EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xFTAT
    BgNVBAoTDEJFQSBXZWJMb2dpYzERMA8GA1UECxMIU2VjdXJpdHkxIzAhBgNVBAMT
    GkRlbW8gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9zdXBw
    b3J0QGJlYS5jb20wHhcNMDAwNTMwMjEzNzQ0WhcNMDQwNTE0MjEzNzQ0WjCBqTEL
    MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
    cmFuY2lzY28xFTATBgNVBAoTDEJFQSBXZWJMb2dpYzERMA8GA1UECxMIU2VjdXJp
    dHkxIzAhBgNVBAMTGkRlbW8gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR4wHAYJKoZI
    hvcNAQkBFg9zdXBwb3J0QGJlYS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
    3VEoD2Q2ln4PyilUNUyPa9yQxS6YqJk7xwWlAHZ5AAhq7dkosZDCNZYYYTZihpOx
    GcgLwqY6gYZCN7pwlk+h/QIDAQABMA0GCSqGSIb3DQEBBAUAA0EAAFsKZZ9dc1na
    5lHpO8EL85EPDPRyCJ9lTRw3bPMEqItyBuEAXh8woRgGN5j9KinDoWsmFCBO5MFy
    qN5p4APL4w==
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    MIIB6zCCAZWgAwIBAgIBATANBgkqhkiG9w0BAQQFADB+MQswCQYDVQQGEwJlczES
    MBAGA1UEBxMJQmFyY2Vsb25hMRIwEAYDVQQKEwlTYWZlbGF5ZXIxEjAQBgNVBAsT
    CURldmVsb3BlcjENMAsGA1UEAxMEcm9vdDEkMCIGCSqGSIb3DQEJARYVc3VwcG9y
    dEBzYWZlbGF5ZXIuY29tMB4XDTk5MTIzMTIzMDAwMFoXDTE5MTIzMTIzMDAwMFow
    fjELMAkGA1UEBhMCZXMxEjAQBgNVBAcTCUJhcmNlbG9uYTESMBAGA1UEChMJU2Fm
    ZWxheWVyMRIwEAYDVQQLEwlEZXZlbG9wZXIxDTALBgNVBAMTBHJvb3QxJDAiBgkq
    hkiG9w0BCQEWFXN1cHBvcnRAc2FmZWxheWVyLmNvbTBcMA0GCSqGSIb3DQEBAQUA
    A0sAMEgCQQCg+E0qVGLgZWSjcae1FHMap/8SBlbhQc3GbaL3NxbBDZGeaKZqzlTv
    ZhGeWf3zEB17tbHE18hAxro6TA2i8MhVAgMBAAEwDQYJKoZIhvcNAQEEBQADQQAS
    E2U64E9eu0dgJYktTK37YcTpyspwSabyeaziAktu99cCOQbCTYXGojouRekbkKAv
    u8J28DSM62Me7W5zsPV2
    -----END CERTIFICATE-----
    ********************** end of the ca.pem file
    I did not modify the democert.pem or the demokey.pem files, as I want my weblogic
    server to continue using the same SSLserver certificate than it was using before.
    Then when I try to start the Weblogic server, I got the following error on the
    console:
    Starting WebLogic Server ....
    <24-abr-01 16:21:33 CEST> <Notice> <Management> <Loading configuration file .\co
    nfig\examples\config.xml ...>
    log file: C:\bea\wlserver6.0sp1\.\config\examples\logs\weblogic.log
    <24-abr-01 16:21:37 CEST> <Info> <Logging> <Only log messages of severity "Error
    " or worse will be displayed in this window. This can be changed at Admin Consol
    e> examples> Servers> examplesServer> Logging> General> Stdout severity threshol
    d>
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:208)
    at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <24-abr-01 16:21:41 CEST> <Alert> <WebLogicServer> <Inconsistent security config
    uration, weblogic.security.AuthenticationException: Incorrect encrypted block
    po
    ssibly incorrect SSLServerCertificateChainFileName set for this server certifica
    te>
    weblogic.security.AuthenticationException: Incorrect encrypted block possibly
    in
    correct SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <24-abr-01 16:21:59 CEST> <Notice> <WebLogicServer> <WebLogic Server started>
    <24-abr-01 16:21:59 CEST> <Notice> <WebLogicServer> <ListenThread listening on
    p
    ort 7001>
    I would appreciate any help on this issue. I want to add the new root certificate
    because I own a SSLclient certificate in my browser which I want the Weblogic
    server to authenticate.
    Thank you very much, David.

    OK, I finally was able to understand what the error was. The new root certificate
    cannot be added to the ca.pem file. You'd better create a new file called ca2.pem
    with the new root certificate. Then you have go to SSL configuration section and
    edit the 'Trusted CAFile Name' field to point to the ca2.pem file.
    Easy but I had trouble to understand it from the documentation.
    "David Ruana" <[email protected]> wrote:
    >
    I am using the trial 30-day version. I wonder whether it has any restrictions
    which
    prevent from adding new root certificates to the ca.pem file. If this
    is not the
    case, I will expose my problem.
    I have added a new self-signed root certificate after the one that was
    contained
    in the ca.pem, so there are now two root certificates:
    ********************** begin of the ca.pem file
    -----BEGIN CERTIFICATE-----
    MIICQzCCAe2gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBqTELMAkGA1UEBhMCVVMx
    EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xFTAT
    BgNVBAoTDEJFQSBXZWJMb2dpYzERMA8GA1UECxMIU2VjdXJpdHkxIzAhBgNVBAMT
    GkRlbW8gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9zdXBw
    b3J0QGJlYS5jb20wHhcNMDAwNTMwMjEzNzQ0WhcNMDQwNTE0MjEzNzQ0WjCBqTEL
    MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
    cmFuY2lzY28xFTATBgNVBAoTDEJFQSBXZWJMb2dpYzERMA8GA1UECxMIU2VjdXJp
    dHkxIzAhBgNVBAMTGkRlbW8gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR4wHAYJKoZI
    hvcNAQkBFg9zdXBwb3J0QGJlYS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
    3VEoD2Q2ln4PyilUNUyPa9yQxS6YqJk7xwWlAHZ5AAhq7dkosZDCNZYYYTZihpOx
    GcgLwqY6gYZCN7pwlk+h/QIDAQABMA0GCSqGSIb3DQEBBAUAA0EAAFsKZZ9dc1na
    5lHpO8EL85EPDPRyCJ9lTRw3bPMEqItyBuEAXh8woRgGN5j9KinDoWsmFCBO5MFy
    qN5p4APL4w==
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    MIIB6zCCAZWgAwIBAgIBATANBgkqhkiG9w0BAQQFADB+MQswCQYDVQQGEwJlczES
    MBAGA1UEBxMJQmFyY2Vsb25hMRIwEAYDVQQKEwlTYWZlbGF5ZXIxEjAQBgNVBAsT
    CURldmVsb3BlcjENMAsGA1UEAxMEcm9vdDEkMCIGCSqGSIb3DQEJARYVc3VwcG9y
    dEBzYWZlbGF5ZXIuY29tMB4XDTk5MTIzMTIzMDAwMFoXDTE5MTIzMTIzMDAwMFow
    fjELMAkGA1UEBhMCZXMxEjAQBgNVBAcTCUJhcmNlbG9uYTESMBAGA1UEChMJU2Fm
    ZWxheWVyMRIwEAYDVQQLEwlEZXZlbG9wZXIxDTALBgNVBAMTBHJvb3QxJDAiBgkq
    hkiG9w0BCQEWFXN1cHBvcnRAc2FmZWxheWVyLmNvbTBcMA0GCSqGSIb3DQEBAQUA
    A0sAMEgCQQCg+E0qVGLgZWSjcae1FHMap/8SBlbhQc3GbaL3NxbBDZGeaKZqzlTv
    ZhGeWf3zEB17tbHE18hAxro6TA2i8MhVAgMBAAEwDQYJKoZIhvcNAQEEBQADQQAS
    E2U64E9eu0dgJYktTK37YcTpyspwSabyeaziAktu99cCOQbCTYXGojouRekbkKAv
    u8J28DSM62Me7W5zsPV2
    -----END CERTIFICATE-----
    ********************** end of the ca.pem file
    I did not modify the democert.pem or the demokey.pem files, as I want
    my weblogic
    server to continue using the same SSLserver certificate than it was using
    before.
    Then when I try to start the Weblogic server, I got the following error
    on the
    console:
    Starting WebLogic Server ....
    <24-abr-01 16:21:33 CEST> <Notice> <Management> <Loading configuration
    file .\co
    nfig\examples\config.xml ...>
    log file: C:\bea\wlserver6.0sp1\.\config\examples\logs\weblogic.log
    <24-abr-01 16:21:37 CEST> <Info> <Logging> <Only log messages of severity
    "Error
    " or worse will be displayed in this window. This can be changed at Admin
    Consol
    e> examples> Servers> examplesServer> Logging> General> Stdout severity
    threshol
    d>
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:208)
    at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <24-abr-01 16:21:41 CEST> <Alert> <WebLogicServer> <Inconsistent security
    config
    uration, weblogic.security.AuthenticationException: Incorrect encrypted
    block
    po
    ssibly incorrect SSLServerCertificateChainFileName set for this server
    certifica
    te>
    weblogic.security.AuthenticationException: Incorrect encrypted block
    possibly
    in
    correct SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <24-abr-01 16:21:59 CEST> <Notice> <WebLogicServer> <WebLogic Server
    started>
    <24-abr-01 16:21:59 CEST> <Notice> <WebLogicServer> <ListenThread listening
    on
    p
    ort 7001>
    I would appreciate any help on this issue. I want to add the new root
    certificate
    because I own a SSLclient certificate in my browser which I want the
    Weblogic
    server to authenticate.
    Thank you very much, David.

  • "xdo" failed to preload on startup in Web application: "xmlpserver".

    I have been able to deploy OBIEE onto Weblogic 10.3 however no success in BI publisher 10.1.3.4.0. I'm using JDK 6.14, not JRockIt.
    I have tried expanding the xmplserver.ear -> xmlpserver.war -> expanded files
    i have used the following link to deploy
    http://bipconsulting.blogspot.com/2009/04/installation-for-oracle-weblogic-server.html
    the error i get is
    [HTTP:101216]Servlet: "xdo" failed to preload on startup in Web application: "xmlpserver.war".
    java.lang.NoClassDefFoundError: com/phaos/crypto/CipherException at
    oracle.apps.xdo.servlet.security.SecurityHandler.getHandler(SecurityHandler.java:78) at
    oracle.apps.xdo.servlet.GlobalContext.initSecurity(GlobalContext.java:129) at
    oracle.apps.xdo.servlet.GlobalContext.init(GlobalContext.java:97) at
    oracle.apps.xdo.servlet.XDOServlet.init(XDOServlet.java:67) at
    weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283) at
    weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at
    weblogic.security.service.SecurityManager.runAs(Unknown Source) at
    weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64) at
    weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58) at
    weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48) at
    weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:521) at
    weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1893) at
    weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1870) at
    weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1790) at
    weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3000) at
    weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1371) at
    weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:471) at
    weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:205) at
    weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37) at
    weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60) at
    weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:201) at
    weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:118) at
    weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:205) at
    weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37) at
    weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60) at
    weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:28) at
    weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:636) at
    weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37) at
    weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212) at
    weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:16) at
    weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:162) at
    weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79) at
    weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:569) at
    weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:140) at
    weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:106) at
    weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:323) at
    weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:820) at
    weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1227) at
    weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:436) at
    weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:164) at
    weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:181) at
    weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:12) at
    weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68) at
    weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516) at
    weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at
    weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Any hints?
    Thanks

    The stack trace indicates - some libraries can't be found:
    java.lang.NoClassDefFoundError: com/phaos/crypto/CipherExceptionThe missing above library comes from ojpse.jar ( which is located by default installation in $OracleBI_home/oc4j_bi/jlib/ojpse.jar ) - that let me suggest, you took your xmlpserver.war from oc4j distribution. So, in that case, a workaround could be to include this jar into classpath before starting WebLogic server. The proper solution ( i think ) - you should deploy a standalone version of xmlpserver ( if you download bi publisher and unzip this archive from http://www.oracle.com/technology/software/products/publishing/index.html - you will find in the folder Oracle_Business_Intelligence_Publisher_Standalone/manual/generic a little differently packaged xmlpserver.war - which does include the mentioned library - under WEB-INF/lib, among some other additional libraries ). If i remember correctly, i've read it somewhere in documentation as well - about deployment bi publisher under 3rd party application server - the fully packaged version ( also not from the oc4j deployment) should be used.
    Best regards
    Maxim

  • Tomcat ERROR when installing BIPublisher

    Hi,
    During installation and trying to login to the "Oracle BI Publisher Enterprise", i tried to log in using the user/password: admin/admin but it shows this error:
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: com/phaos/crypto/CipherException
         org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:476)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:371)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:100)
    root cause
    javax.servlet.ServletException: com/phaos/crypto/CipherException
         org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:846)
         org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:779)
         org.apache.jsp.login_jsp._jspService(login_jsp.java:499)
         org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:100)
    root cause
    java.lang.NoClassDefFoundError: com/phaos/crypto/CipherException
         oracle.apps.xdo.servlet.security.SecurityHandler.getHandler(SecurityHandler.java:66)
         org.apache.jsp.login_jsp._jspService(login_jsp.java:190)
         org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
         oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:100)
    note The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs.
    Why can't i log in?

    OP doesn't have to do anything other than follow the instructions in the installation guide.
    Ensure Tomact is correctly installed - you see that on the welcome page (and have an appropriate version of Java)
    Add in the manager/admin password/role as needed
    Deploy the XMLPwhatever WAR file, either with Tomcat running or not, works either way
    Copy the font files, also specified in the installation guide
    Etc.
    It works just like it says, no need to move other jar files around or go find missing jar files. If you have do that, you messed up the installation in one place/step or another. Start over.

  • ESP - problem with security

    Hi,
    I have installed ESP 5.1 v4 and I am getting following errror after kicking off script:
    cd /opt/sybase/ESP-5_1/cluster/nodes/node1
    $ESP_HOME/bin/esp_server --cluster-node node1.xml
    (Location of log: /opt/sybase/ESP-5.1/cluster/nodes/node1/clusted.log:)
    Jun 11 2014 16:52:09.416 INFO - SAP Sybase Event Stream Processor Cluster Node 5.1.04.00/20131113.1/SP04 PL00/linux/x86_64/64-bit/OPT/Wed Nov 13 08:29:30 PST 2013
    Jun 11 2014 16:52:10.130 FATAL - CODE_700219 | Exception decrypting Security/Password
    com.sybase.esp.cluster.impl.CipherService$CipherServiceException: Caught exception decrypting text
            at com.sybase.esp.cluster.impl.CipherService.decrypt(Unknown Source)
            at com.sybase.esp.cluster.impl.CipherService.decryptToString(Unknown Source)
            at com.sybase.esp.cluster.impl.SecurityConfig.configure(Unknown Source)
            at com.sybase.esp.cluster.impl.NodeConfig.configure(Unknown Source)
            at com.sybase.esp.cluster.impl.Node.initialize(Unknown Source)
            at com.sybase.esp.cluster.impl.Node.initialize(Unknown Source)
            at com.sybase.esp.cluster.FactoryNode.factory(Unknown Source)
            at com.sybase.esp.cluster.FactoryNode.main(Unknown Source)
    Caused by: com.sybase.esp.system.crypto.CipherException: caught exception decrypting data
            at com.sybase.esp.system.crypto.Cipher.decrypt(Unknown Source)
            ... 8 more
    Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
            at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
            at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
            at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
            at javax.crypto.Cipher.doFinal(Cipher.java:2087)
            ... 9 more
    Jun 11 2014 16:52:10.144 FATAL - CODE_700032 | Security configuration failed
    Jun 11 2014 16:52:10.144 FATAL - CODE_700012 | Factory of new node with config file [node1.xml] failed
    I have changed ESP to use preconfigured username/password (in csi_local.xml) with no luck.
    Any suggestions?

    I tryied this as well (I have PDF documentation with those steps).
    I haven;t changed encrypted password used to access the keystore, neither cluster's encrypted password.
    This is what I did:
    1. Kick off installation: ./setup.bin
    So I have it installed on the /opt/sybase
    2.
    Modify node1.xml file:
    /opt/sybase/ESP-5_1/cluster/nodes/node1/node1.xml
    changes:
    - It was "true" before
            <Port ssl="false">19011</Port>
            <AdminPort ssl="false">0</AdminPort>
    - Comment out:
    <!--<File>${ESP_SHARED}/security/csi_native_unix.xml</File>-->
    - Add line:
    <File>${ESP_SHARED}/security/csi_local.xml</File>
    3. sybase-csi file (as per page 52 from
    http://infocenter.sybase.com/help/topic/com.sybase.infocenter.dc01611.0510/doc/
    pdf/admin_guide.pdf)
    4. Follow instructions from link provided by you: http://infocenter.sybase.com/help/topic/com.sybase.infocenter.dc01611.0514/doc/html/tbi1353498879466.html
    My node1.csi file looks like following:
    <Node xmlns:xi="http://www.w3.org/2001/XInclude">
        <!-- The Node Name must be unique throughtout the Cluster. -->
        <Name>node1</Name>
        <!-- The Macros node is optional. -->
        <!-- Values of the form ${macro_name} in nodes identified below will expand to the maco value. -->
        <!-- Macros are loaded before all other config -->
        <Macros>
            <!-- The Macro node has an optional 'type' attribute. -->
            <!-- Allowed 'type' values are "value", "envar", "sysproperty" and "prompt". -->
            <!-- If type is value, the literal value specified (subject to expansion) will be used. -->
            <!-- If type is envar, value for Macro will be pulled from environment valiable defined by Macro value. -->
            <!-- If type is sysproperty, value for Macro will be pulled from Java system property defined by Macro value. -->
            <!-- If type is prompt, the value will be prompted for at startup. Hide and verify options are supported. -->
            <Macro name="ESP_HOME" type="envar">ESP_HOME</Macro>
            <Macro name="ESP_HOSTNAME">esplni01.zit.commerzbank.com</Macro>
            <Macro name="ESP_SHARED">${ESP_HOME}</Macro>
            <Macro name="ESP_STORAGE">${ESP_SHARED}/storage</Macro>
        </Macros>
        <!-- The SystemProperties node is optional. -->
        <SystemProperties>
            <!-- If a Property is defined, that Java system property will be set to the value specified. -->
            <!-- A Property is macro expanded by default. -->
            <!-- To disable expansion, set attribute expand="false". -->
            <!-- prompt="true" will cause the value to be prompted for at startup. Hide and verify options are supported. -->
            <!--
            <Property name="some.system.property.to.set">some value</Property>
            <Property name="some.other.system.property.to.set">some other value</Property>
            -->
            <Property name="esp.home">${ESP_HOME}</Property>
            <Property name="esp.shared">${ESP_SHARED}</Property>
            <!-- If using Kerberos authentication, the following properties-->
            <!--  should be set to their appropriate values. -->
            <Property name="java.security.krb5.realm">REALM_PLACEHOLDER</Property>
            <Property name="java.security.krb5.kdc">KDC_PLACEHOLDER</Property>
        </SystemProperties>
        <!-- A Cluster Node can be a Controller and/or a Manager. It must be at least one. -->
        <!-- In this instance, the Node is both. -->
        <Controller enabled="true">
            <!-- The ApplicationTypes define all application types this Controller Node will be able to launch. -->
            <ApplicationTypes>
                <ApplicationType name="project" enabled="true">
                    <Class>com.sybase.esp.cluster.plugins.apptypes.Project</Class>
                    <StandardStreamLog enabled="true" />
                    <Properties>
                        <Property name="esp-home">${ESP_HOME}</Property>
                        <Property name="hostname">${ESP_HOSTNAME}</Property>
                        <Property name="ld-preload">${ESP_HOME}/lib/jre/lib/amd64/server/libjsig.so</Property>
                        <Property name="services-file">${ESP_HOME}/bin/service.xml</Property>
                        <Property name="base-directory">${ESP_SHARED}/cluster/projects/test-name-1</Property>
                        <Property name="ssl-key-file">${ESP_HOME}/cluster/keys/test-name-1</Property>
                        <Property name="ssl-key-file-encrypted">true</Property>
                    </Properties>
                </ApplicationType>
                <ApplicationType name="ha_project" enabled="true">
                    <Class>com.sybase.esp.cluster.plugins.apptypes.HaProject</Class>
                    <StandardStreamLog enabled="true" />
                    <Properties>
                        <Property name="esp-home">${ESP_HOME}</Property>
                        <Property name="hostname">${ESP_HOSTNAME}</Property>
                        <Property name="ld-preload">${ESP_HOME}/lib/jre/lib/amd64/server/libjsig.so</Property>
                        <Property name="services-file">${ESP_HOME}/bin/service.xml</Property>
                        <Property name="base-directory">${ESP_SHARED}/cluster/projects/test-name-1</Property>
                        <Property name="ssl-key-file">${ESP_HOME}/cluster/keys/test-name-1</Property>
                        <Property name="ssl-key-file-encrypted">true</Property>
                    </Properties>
                </ApplicationType>
            </ApplicationTypes>
        </Controller>
        <Manager enabled="true">
            <!-- The ApplicationHeartbeatTimeout node is optional -->
            <!-- The first Manager in the Cluster will determine the value Cluster wide -->
            <!-- The value is in milliseconds -->
            <!--
            <ApplicationHeartbeatTimeout>30000</ApplicationHeartbeatTimeout>
            -->
        </Manager>
        <Rpc>
            <!-- The Host node is optional -->
            <!--
            <Host>${ESP_HOSTNAME}</Host>
            -->
            <Port ssl="false">19011</Port>
            <AdminPort ssl="false">0</AdminPort>
        </Rpc>
        <Cache>
            <!-- The Host node is optional.  Only used if Manager node above is enabled. -->
            <!--
            <Host>${ESP_HOSTNAME}</Host>
            -->
            <!-- The Port node is only used if Manager node above is enabled. -->
            <Port>19001</Port>
            <!-- The Name defines the Cluster name.-->
            <!-- All Nodes in a Cluster must have the same Name/Password defined.-->
            <Name>test-name-1</Name>
            <Password encrypted="true" prompt="false" hide="true" verify="true" query="Please enter cluster password">
    LH0Jev3YIlMRRXTwfzbqVST1hEMdNAf4YHjphVfTCq/SzNny
    </Password>
            <!-- If Multicast is not enabled, the Managers node below must be enabled.-->
            <Multicast enabled="false">
                <Group>224.2.2.7</Group>
                <Port>54323</Port>
            </Multicast>
            <!-- If Multicast is not enabled or the Manager node above is not enabled, -->
            <!-- the Managers node below must be enabled. -->
            <!-- The Managers node specifies all Manager enabled nodes in the Cluster -->
            <Managers enabled="true">
                <Manager>localhost:19001</Manager>
            </Managers>
            <Persistence enabled="false">
                <Directory>${ESP_STORAGE}</Directory>
            </Persistence>
        </Cache>
        <Security>
            <Csi>
                <!-- The File node is macro expanded by default. -->
                <!-- To disable expansion, set attribute expand="false". -->
                <!-- This node specifies the CSI configuration file to use. -->
                <!-- There are currently 6 distributed CSI config examples. -->
                <!-- csi_native_nt.xml uses a CSI supplied LoginModule that provides native OS authentication on Windows. -->
                <!-- csi_native_unix.xml uses a CSI supplied LoginModule that provides native OS authentication on Unix. -->
                <!-- csi_ldap.xml uses a CSI supplied LoginModule that provides LDAP authentication. -->
                <!-- csi_kerberos.xml uses an ESP supplied LoginModule that provides Kerberos authentication. -->
                <!-- csi_rsa.xml uses an ESP supplied LoginModule that provides RSA authentication. -->
                <!-- csi_boe.xml uses an ESP supplied LoginModule that provides SAP BI authentication. -->
                <!--<File>${ESP_SHARED}/security/csi_native_unix.xml</File>-->
                <File>${ESP_SHARED}/security/csi_local.xml</File>
                <!--Policy>${ESP_SHARED}/security/policy.xml</Policy-->
            </Csi>
            <Keystore>
                <Type>JKS</Type>
                <File>/opt/sybase/ESP-5_1/security/keystore_rsa.jks</File>
                <Password encrypted="true" prompt="false" hide="true" verify="true" query="Please enter keystore password">
    ywMJ0f2DIvsRlHRsfwfqSySKhGodhQctYHTpUFeuCtDS/tpj
    </Password>
                <Algorithm>RSA</Algorithm>
            </Keystore>
            <Cipher>
                <File>${ESP_HOME}/cluster/keys/test-name-1/cluster.key</File>
            </Cipher>
        </Security>
    </Node>
    Thanks,
    Jack

  • SSL and WLS 6.0

    Greetings,
    I generated a cert request from WLS 6.0 and submitted to VeriSign for a test
    cert. When I tried to configure WLS to use the new cert I got the
    following:
    <Feb 15, 2001 4:06:17 PM GMT-05:00> <Alert> <WebLogicServer> <Security
    configuration problem with certificate file config/mydomain/cxreq1-key.der,
    java.io.IOException: weblogic.security.CipherException: Invalid padding
    length 161>
    java.io.IOException: weblogic.security.CipherException: Invalid padding
    length 161
    at
    weblogic.security.RSAPrivateKeyPKCS8.input(RSAPrivateKeyPKCS8.java:157)
    at
    weblogic.security.RSAPrivateKeyPKCS8.<init>(RSAPrivateKeyPKCS8.java:125)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:386)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:939)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    And of course SSL was not enabled. Can anyone please point me towards a
    solution?
    Thanks
    Todd

    "Peter B" <@> wrote in message news:[email protected]..
    >
    "Rob Jago" <[email protected]> wrote in message
    news:3bddf8a1$[email protected]..
    Hello
    I am having problems communicating to a WLS6.0 sp2 server from a java
    application using JSSE and SSL. It appears a bulk of the problem lies
    in
    the SSL handshaking.
    It usually fails on the Change Cipher Spec call.
    Which SSL implementation are you using ?Hi Peter. thanks for the reply
    currently using JSSE 1.0.2 with JDK 1.3.1_01.
    I have done some more coding / testing and encountered some interesting /
    crazy things
    with SSL _ tracing on , I get the connection reset by peer
    with SSL tracing off, I get the connection closed.
    Rob

  • Verisign certificate & Chain File Name

    Perhaps a newbie question, but here goes:
    I am having trouble installing a Verisign certificate on my Weblogic 6.0
    server. I have my private key and certificate file installed properly I
    believe, but am unsure what to put in the Certificate Chain File entry
    in the console. I only have 1 certificate for this server. I have tried
    to
    a) leave it empty - in which case it uses a default file name which does
    not exist
    b) use the certificate I got from Verisign
    c) export a class 3 certificate from my browser and use that file
    In all the cases that I give it an existing file name, I get the
    following stack trace:
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:208)
    at
    weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <Sep 5, 2001 8:18:55 AM PDT> <Alert> <WebLogicServer> <Inconsistent
    security configuration, weblogic.security.AuthenticationException:
    Incorrect encrypted block possibly incorrect
    SSLServerCertificateChainFileName set for this server certificate>
    weblogic.security.AuthenticationException: Incorrect encrypted block
    possibly incorrect SSLServerCertificateChainFileName set for this server
    certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)

    OK. Found out what it was.
    The Server Certificate Chain File name is what Verisign calls the
    Intermediate Certificate. So what you need to do is grab that cert off the
    Verisign site, paste it into a new file on your server and put that file
    name in as the path to the Chain File name.
    New question: Why the 2 names for the same thing ? The documentation could
    be a bit clearer here, as it's a very simple process that seems more
    complicated than it needs to be (IMHO).
    Brian Hall wrote:
    Perhaps a newbie question, but here goes:
    I am having trouble installing a Verisign certificate on my Weblogic 6.0
    server. I have my private key and certificate file installed properly I
    believe, but am unsure what to put in the Certificate Chain File entry
    in the console. I only have 1 certificate for this server. I have tried
    to
    a) leave it empty - in which case it uses a default file name which does
    not exist
    b) use the certificate I got from Verisign
    c) export a class 3 certificate from my browser and use that file
    In all the cases that I give it an existing file name, I get the
    following stack trace:
    weblogic.security.CipherException: Incorrect encrypted block
    at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:208)
    at
    weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
    at weblogic.security.X509.verifySignature(X509.java:243)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    <Sep 5, 2001 8:18:55 AM PDT> <Alert> <WebLogicServer> <Inconsistent
    security configuration, weblogic.security.AuthenticationException:
    Incorrect encrypted block possibly incorrect
    SSLServerCertificateChainFileName set for this server certificate>
    weblogic.security.AuthenticationException: Incorrect encrypted block
    possibly incorrect SSLServerCertificateChainFileName set for this server
    certificate
    at weblogic.security.X509.verifySignature(X509.java:251)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
    at
    weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
    at
    weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)

Maybe you are looking for

  • Error message when logging into financial reporting studio 11.1.1.3

    I receive the following error message when I attempt to login in to financial reporting studio 11.1.1.3: "You are not authorized to use this functionality. Please contact your administrator." I'm attempting to login with the default "admin" user that

  • Report Builder - Add report Processing time

    Hi, I was wondering if there was any way to add a value field to a report, with the time it took for the report to Process. It would probably be a text field with an Expression, but don't know how that would go. I know that in Expression there is a v

  • Parallel query clarification

    Hi, I am working on Oracle 10.2.0.4 2 node RAC database(Solaris 10, SPARC). I have a table containing around 10 million rows occupying 10G storage. To test the benefits of partitioning I created a partitioned table and then tried inserting all the re

  • SAP HR Benefits

    Hi all , I need the documents on SAP HR-Benefits. Regards santosh .

  • Modifying default permissions? (Answered)

    A little while back, I discovered a way for the system to automatically make the permissions of files I create 0640. I've changed my mind about that now (since a permissions problem gave me hell with sqlite all day), and I've forgotten what I can do