Configure SSL Throughout Portal in 10.1.2.0.2

My installation is going to contain both the Infrastructure (IM, SSO) as well as the Middle-tier (Portal) and I want to later configure SSL. Oracle says in the documentation that the servername must be different for each home. I'm thinking that I will use the hosts file to alias the IP address but I'm not sure if the installer looks at the file or somewhere in the system to get the machine name. I don't want to change the machine name after the infrastructure installation has completed but I can change the hosts file and the order of the alias names. Has anyone successfully done this before that can point me in the right direction?
Thanks,
Denise

I've looked at the tool but my concern is having the infrastructure & midtier on the same box. I want to make sure that the initial installation is correct since each installation requires a different server name for ssl to work.
Has anyone done this and gotten it to work? Suggestions, or things to look out for?
Thanks,
Denise

Similar Messages

  • Need info to configure SSL for Portal Server in EP6SP2

    Hello,
    We need to configure SSL for Portal Server. We are using J2EE 6.20 Patch 25 and EP6SP2P4. The ITS is already using https and it creats lots of Session issues since Portal is not in https.
    Is there any OSS Note or How to guide to configure Portal to use SSL.
    Thanks.
    - PK

    Hi Marcel,
    Thanx for your Post, I have a Question, we will use CISCO for load balancing and SSL termination but I have a big issue, the URL in the portal applciation is always the same ant the URL in the borwser, I guess al the other URL´s are in the Frames, how will we configure the SSL termination for the login page in example if the URL in the Browser appears always the same?
    Thanx in Advanced!!!

  • ASA 9.1 + ACS 5.4 SSL Web Portal Bookmarks according to AD Group.

    Hello.
    Have some issues, with ssl vpn on ASA 5515-X.
    I have ASA (9.1) connected to the  ACS (5.4) and configured anyconnect mobile client and clientless ssl web portal. ACS also have connection to Active Directory.
    So it's configured that AD users from group, for example, VPN_clients could connect via anyconnect client or without client via SSL web page. And it's working fine.
    My goal is that to make different SSL portal bookmarks (in terms of ASA different Group Polices) according to AD user group.
    For example: I have 3 groups in AD: VPN_admin, VPN_Finance, VPN_Logistic. I want that users from these group after authentication at SSL web portal would see only their own bookmarks available only for their group.
    As i inderstand after authentication process ACS must answer to ASA which AD groups the user consist of and ASA must choose the right group policy for the user, but i have no experience how to make this?

    Hello Ivan,
    You are right, ACS can let the ASA know which group-policy should assign based on the RADIUS attribute 25.
    Steps on ACS:
    1- Defined AD groups:
    2- Define the authorization profile under the Policy Elements tab:
    3- Create the Authorization policy and access criteria:
    Then, on the ASA:
    1- Create a group-policy and name it it.
    2- Through the ASDM, create and assign the bookmarks to this group-policy.
    3- Once a user authenticates, the ACS sends the attribute 25, which contains the string "ou=it".
    4- The ASA looks for the group-policy it and assigns it to the user's session.
    Let me know if you have any questions.
    HTH.
    Please rate any helpful posts.

  • Configuring SSL for Real-Time Collaboration

    Hi,
    We installed OCS10gR1 because we want to use Real-Time collaboration for delivering support. At this moment we are trying to configure SSL. We already worked through the following guides :
    - Real-time collaboration admin guide
    - OCS admin guide
    - OCS Security guide
    - OPMN admin guide
    but it's still very fuzzy. It's hard to get a clear overview about the steps to follow to get SSL working for RTC. Is there some kind of "cookbook" or simple guide which describes all the steps in a clear way.
    Thank you

    Hi,
    I ran the SSLconfigTool.sh script on the Infrastructure with success but the midtierSSLConfigTool.sh script didn't come to an end. Probably, I ran the script with the wrong options. I used the following options :
    <oid hostname> gary.woerden.centric (hostname on which ocs resides)
    <oid port> 389 (default)
    <oid admin dn> I filled in orcladmin, but maybe dn=woerden,dn=centric would be better ???
    <http server SSL port> 8250 (from portlist.ini)
    <https> internet_appserver_registry (I really didn't know what value this must be)
    <hostname of the computer> gary.woerden.centric
    <True | False> False
    The output of the script midtierSSLConfigTool.sh with the options mentioned above:
    Modifying Collaboration Suite service registry
    Exception in thread "main" javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
    at oracle.ldap.util.jndi.ConnectionUtil.returnInitialLdapContext(ConnectionUtil.java:492)
    at oracle.ldap.util.jndi.ConnectionUtil.getDefaultDirCtx(ConnectionUtil.java:135)
    at oracle.ldap.util.jndi.ConnectionUtil.getDefaultDirCtx(ConnectionUtil.java:157)
    at URLUpdate.main(URLUpdate.java:32)
    Done. Please go to /opt/oracle/product/10.1.1/ocs/apps/imeeting/logs/rtcctl directory to check the log file.
    Starting the SSL Configuration Tool...
    Log file recording the current execution is '/home/oracle/SSLConfigTool_20051104_091126.log'.
    Below is the command line you have entered:
    SSLConfigTool -config_w_default -opwd ******** -ptl_dad portal -ptl_inv_pwd ********
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/bin/ldapbind -h gary.woerden.centric -p 636 -U 1
    Querying password for Portal from OID.
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/bin/ldapsearch -h gary.woerden.centric -p 636 -D cn=orcladmin -w ******** -U 1 -b "OrclResourceName=Portal,orclReferenceName=ocs.woerden.centric,cn=IAS Infrastructure Databases,cn=IAS,cn=Products,cn=OracleContext" -s sub "objectclass=*" orclpasswordattribute
    Exit code: 0
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/dcm/bin/dcmctl updateConfig
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/opmn/bin/opmnctl stopproc ias-component=dcm-daemon
    Configuring HTTPS for your ORACLE_HOME at:
    /opt/oracle/product/10.1.1/ocs/apps
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/opmn/conf/opmn.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/opmn/conf/opmn.xml.orig_SSLConfigTool'.
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/Apache/Apache/conf/ssl.conf' to file '/opt/oracle/product/10.1.1/ocs/apps/Apache/Apache/conf/ssl.conf.orig_SSLConfigTool'.
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/webcache/webcache.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/webcache/webcache.xml.orig_SSLConfigTool'.
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/webcache/webcache.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/webcache/webcache.xml.tmp'.
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/sso/bin/ssoreg.sh -oracle_home_path /opt/oracle/product/10.1.1/ocs/apps -site_name SSLConfigTool_ssl_ocsapps.gary.woerden.centric -config_mod_osso TRUE -mod_osso_url https://gary.woerden.centric:8250 -u root
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/j2ee/OC4J_Portal/applications/portal/portal/WEB-INF/web.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/j2ee/OC4J_Portal/applications/portal/portal/WEB-INF/web.xml.orig_SSLConfigTool'.
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/portal/conf/iasconfig.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/portal/conf/iasconfig.xml.orig_SSLConfigTool'.
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/portal/conf/ptlconfig -encrypt
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/portal/conf/ptlconfig -dad portal -pw ********
    Backing up file '/opt/oracle/product/10.1.1/ocs/apps/sysman/emd/targets.xml' to file '/opt/oracle/product/10.1.1/ocs/apps/sysman/emd/targets.xml.orig_SSLConfigTool'.
    Executing command:
    /opt/oracle/product/10.1.1/ocs/apps/dcm/bin/dcmctl updateConfig
    This last command didn't come to an end.
    Can you tell me what options are wrong and can I run the script again or should I first backup the backupped files ?
    Thanx in advance!

  • Want to delete all the mails in the mail box configured for BPM Portal

    Hi All,
    Do you have idea to perform this activity.
    I want to delete all the mails in the Dev mail box configured for BPM Portal.
    Server and mailbox details as given below :
    Mail a/c = Y00123
    Mail server = sap.mail.com
    Thanks, Sanjay

    http://java.sun.com/developer/onlineTraining/JavaMail/contents.html
    http://www.jguru.com/faq/view.jsp?EID=17035
    if you know the password of the account, i think you can also access the mail using mail client, like you use outlook to deal with your company mail daily.

  • Can CSD be configured on a portal by portal basis?

    I have the need to use CSD on one SSL-VPN portal, but not another. It apprears to me that CSD is a global setting for the appliance. Am I missing something or is this a feature available in more recent code.
    Currently we are running:
    ASA 8.0(3)
    ASDM 6.1.1
    CSD 3.2.1.118
    Any assistance would be greatly appreciated.

    Derek,
    See the below url for more information:-
    http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a008072aa6c.shtml
    HTH>

  • Configuring SSL to make a HTTPS web Service call from XI

    Hi All,
    We are making a <b>https web service call</b> using soap adapter from XI. Looking at the various posts and SAP help links, we are configuring SSL for the same.
    The procedure given in SAP help has been followed to configure SSL but with no luck. If someone had done this could you please give a <b>step by step procedure</b> to configure SSL, we might have missed out on something.
    Also are there are <b>any other settings apart from SSL</b> to be done to make a  https web service call using soap adapter from XI.
    Cheers,
    Chandra

    user13046122 wrote:
    I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
    I now need to make SOAP Web Service calls - from an 8.1.7.4 database
    But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
    Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
    It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess.

  • Configure SSL in J2SE Plain adapter

    I tryed to configure SSL in J2SE Plain adapter. (7.0)
    I've generated a certificate file "certif_file.cer" and
    while I put in GUIBrowserEngine Property File the following
    line:
    HTTP.SSLcertificate=F:\tech_adapter_70\certif_file.cer
    I've got the following error message:
    16:19:10 : Error(s) in GUIBrowserEngine configuration
    parameters found:
    ERROR: Certificate file 'F: ech_adapter_70certif_file.cer' not
    found, must quit!
    It seems that something wrong with my definition of full path
    to this file. But I do not find from SAP Library any solution
    about this problem.
    Could you help me?

    Hi Boris,
    Please try to give the full path using backslash '/' :
    e.g.  F:/tech_adapter_70/certif_file.cer
    I hope it will work.
              The J2SE Adapter Engine uses SSL only for communication line encryption, not for client and server authentications. Since this is a drawback with respect to security, you should use the J2EE Adapter Engine in insecure environments.
                             All configuration data for the Plain J2SE Adapter Engine is maintained in flat property files.The file for the engine administration data itself is located in the following directory:
    <installation directory>/tech_adapter/BaseConfiguration
    The file for the adapter configuration data is located in the following directory:
    <installation directory>/tech_adapter/Configuration
                       The adapters of the Plain J2SE Adapter Engine are configured locally and not in the Integration  Directory. Exchanged messages are also stored directly in the file system.
    Therefore, ensure that only the operating system user, who has started and therefore owns the adapter engine process, can read the property files and has access to the directories used for message exchange.
    *Pls: Reward points if helpful*
    Regards,
    Jyoti
    Edited by: Jyoti Acharya on Dec 19, 2007 5:05 PM

  • LDAP user groups not visible for configuring a Group Portal

    Hi,
    We have created a Custom Security Realm(myRealm) on WebLogic 7.0 SP2 in which
    I've added the Novell LDAP Authentication provider as the authentication provider
    and then set "myRealm" as the default realm for the domain. I am able to start
    the WLS server instance and login to portalAppTools with the "administrator" account.
    We would like to configure a Group Portal. In Portal Administration interfaces,
    when I click on Group Administartion, I am unable to see any of my external LDAP
    groups. I know that we cannot create/delete users or groups in the external LDAP
    repository thru the Admin UI but the documentation says that I should be able
    to view the users/groups in the Admin UI. Authentication against the external
    LDAP repository works fine. Can anybody suggest the reason why we are unable to
    view any of the Users or Groups in our external LDAP repository thru the User
    Administration interfactes.
    Appreciate any feedback.
    Thanks
    Vikram

    Hi Jim,
    I've configured a default LDAP V2 Compatibility Realm by modifying the Config.xml
    file. I was able to restart Weblogic and see the LDAP Groups and Users thru the
    WLS console. In our project we've a unique requirement wherein all Application
    Groups and User Accounts would be stored in an LDAP repository and all BEA SERVICE
    level accounts and groups are stored in a Database (groups like AdminEligible,
    Administrators etc.). We need to be able to look at the groups in both the Database
    and LDAP repositories in order to administer and configure a Group Portal. On
    the outset it looks like we will not be able to do what we want to with the current
    portal framework. Please suggest if there are any alternatives in order to implement
    this solution. I am sure there are lot of other Clients who cannot create groups
    like Administrators, AdminEligible etc in their LDAP repositories and will be
    forced to think of alternatives.
    I would appreciate if you can reply back at your earliest convenience.
    Thanks
    Vikram
    Jim Litton <replyto@newsgroup> wrote:
    The Weblogic 7.0 Authentication Providers (new JAAS Framework) is not
    supported with Portal 7.0. You will need to configure the Compatibility
    Security CustomRealm for Novell to try to get Portal working.
    see defaultLDAPRealmForNovellDirectoryServices at
    http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1083149
    In addition, remember to test functionality through the Weblogic
    Console. If you can see groups and users there okay it is very likely
    that Portal will operate.
    -- Jim
    Vikram wrote:
    Hi,
    We have created a Custom Security Realm(myRealm) on WebLogic 7.0 SP2in which
    I've added the Novell LDAP Authentication provider as the authenticationprovider
    and then set "myRealm" as the default realm for the domain. I am ableto start
    the WLS server instance and login to portalAppTools with the "administrator"account.
    We would like to configure a Group Portal. In Portal Administrationinterfaces,
    when I click on Group Administartion, I am unable to see any of myexternal LDAP
    groups. I know that we cannot create/delete users or groups in theexternal LDAP
    repository thru the Admin UI but the documentation says that I shouldbe able
    to view the users/groups in the Admin UI. Authentication against theexternal
    LDAP repository works fine. Can anybody suggest the reason why we areunable to
    view any of the Users or Groups in our external LDAP repository thruthe User
    Administration interfactes.
    Appreciate any feedback.
    Thanks
    Vikram

  • How to configure mail using portal collaboration

    hi Guys..,
    pls tel me
    how to configure mail using portal collaboration and its uses..
    thanks
    regards
    kamal

    Hi,
    Two Configure Email, first
    You have to create a System for Groupware through System Administration ->System Configuration -> system LandScape
    Then create a Groupwaretransport
    implement SSO between your Mail server and your EP...
    and finally
    Create a Mail service...
    More Info is available at below link..
    http://help.sap.com/saphelp_nw04/helpdata/en/7c/6a469702474146a8ef2f97fe880b2f/frameset.htm
    and have a look at the thread raised by be on Calender Configuration...
    Collaboration calendar : No transport has been configured for the calendar
    Regards,
    Srinivas

  • Error while configuring SSL in OID 11g - LDAP 50 Insufficient Access rights

    HI,
    I am trying to configure SSL in OID 11g.As per the doc http://download.oracle.com/docs/cd/E12839_01/oid.1111/e10029/ssl.htm#CBHGBGAF ,i tried creating a Self-Signed Wallte using Fusion Middleware control,But i am getting an error LDAP 50: Insufficient access rights".I logged into Fusion Middle Ware control as Weblogic user.Is anybody faced this issue?.Thanks in advance.

    I am not sure how you tried, but I would recommend to do the following...
    1. Add the 'user1' to "OU=Franchisees,ou=People,dc=company,dc=com"
    2. Delete the 'user1' from 'OU=Internal,ou=People,dc=company,dc=com'

  • Do i have to configure ssl on cisco unified provisioning manager for it to work. I am running BE6000 9.X

    Do i have to configure ssl on cisco unified provisioning manager for it to work

    Here is the code
    #include <userint.h>
    #include "iface.h"
    #define DAQmxErrChk(functionCall) if( DAQmxFailed(error=(functionCall)) ) goto Error; else    
    int write_onoff(uInt8 HL, const char linename[])
      int         error=0;              // error code (initialized to zero i.e. no error)
      TaskHandle  taskHandle=0;            // task ID for DAQmx
      char        errBuff[2048]={'\0'}; // error message
      // DAQmx Configure Code
      SetWaitCursor(1);
      DAQmxErrChk(DAQmxCreateTask("", &taskHandle));
      DAQmxErrChk(DAQmxCreateDOChan(taskHandle, linename, "", DAQmx_Val_ChanPerLine ));
      // DAQmx Start Code
      DAQmxErrChk(DAQmxStartTask(taskHandle));
      // DAQmx Write Code
      DAQmxErrChk(DAQmxWriteDigitalU8(taskHandle, 1, 1, 10.0, DAQmx_Val_GroupByChannel, &HL, NULL, NULL));
      Error:
        SetWaitCursor(0);
        if (DAQmxFailed(error)) DAQmxGetExtendedErrorInfo(errBuff, 2048);
        if (taskHandle!=0)
          // DAQmx Stop Code
          DAQmxStopTask(taskHandle);
          DAQmxClearTask(taskHandle);
        if (DAQmxFailed(error)) MessagePopup("DAQmx Error", errBuff);  
      return error;  
    } // end write_digital_line
    int CVICALLBACK test (int panel, int control, int event, void *callbackData, int eventData1, int eventData2)
      uInt8 onoff=0;
      if (event==EVENT_COMMIT)
        GetCtrlVal(panel, control, &onoff);
        write_onoff(onoff, "Dev1/port0/line0");
      return 0;  // return 0 to tell the system the message has been handled    

  • Configuring SSL in Oracle Apps 11.5.10.2

    Hi,
    I am in the process of configuring SSL in oracle apps 11.5.10.2.
    I am a bit confused with the Note ID: 123718.1. Could you please clarify me on the below things?
    1. SSL can be implemented at three levels,
    (a) Oracle Web/Apache Server Level
    (b) Oracle Form Server Level
    (c) Oracle Database Level
    Can Implement SSL on any one or any two component levels? As per Note:123718.1, we MUST configure SSL for both the Oracle HTTP Server and Oracle Forms Level and these cannot be configured independently.
    2. As per the Note ID: 123718.1, Option 2.1. Certificate Provisioning for Oracle HTTP Server
    Point b in point 2 says to execute "$OPENSSL_TOP/bin/openssl sha1 or* > $HOME/.rnd"
    But which will be the OPENSSL_TOP?
    Please advise on these above two queries.
    Thanks in advance
    Regards,
    Sravan

    Thanks Hussien,
    I have completed SSL configuration at all level including database. Forms are not getting launched. I am getting below error in the Java Console.
    Java Plug-in 1.6.0_23
    Using JRE version 1.6.0_23-b05 Java HotSpot(TM) Client VM
    User home directory = C:\Documents and Settings\sdalav
    c: clear console window
    f: finalize objects on finalization queue
    g: garbage collect
    h: display this help message
    l: dump classloader list
    m: print memory usage
    o: trigger logging
    q: hide console
    r: reload policy configuration
    s: dump system and deployment properties
    t: dump thread list
    v: dump thread stack
    x: clear classloader cache
    0-5: set trace level to <n>
    proxyHost=null
    proxyPort=0
    connectMode=HTTPS
    Exception in thread "thread applet-oracle.forms.engine.Main-2" java.lang.NoClassDefFoundError: oracle/security/ssl/OracleSSLSocketFactory
         at oracle.forms.net.HTTPSStream.<init>(Unknown Source)
         at oracle.forms.net.HTTPConnection.connect(Unknown Source)
         at oracle.forms.engine.Runform.initConnection(Unknown Source)
         at oracle.forms.engine.Runform.startRunform(Unknown Source)
         at oracle.forms.engine.Main.createRunform(Unknown Source)
         at oracle.forms.engine.Main.start(Unknown Source)
         at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
         at java.lang.Thread.run(Unknown Source)
    Caused by: java.lang.ClassNotFoundException: oracle.security.ssl.OracleSSLSocketFactory
         at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
         at java.lang.ClassLoader.loadClass(Unknown Source)
         ... 8 more
    Caused by: java.io.IOException: open HTTP connection failed:https://sandispa.bp.com:8443/OA_JAVA/oracle/security/ssl/OracleSSLSocketFactory.class
         at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
         at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
         at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         ... 13 more
    Thanks,
    Sravan

  • SSO Configuration in the Portal - Configtool screen greyed out

    Hi,
    I am trying to setup SSO to our AD server in our portal system.
    However, when I go into the config tool to change the settings in the UME LDAP Tab - the screen is greyed out and I cannot change anything.
    Anyone know how I can modify this screen?
    Dave

    Hi ,
    You can opt for SAML.
    Configuration from BASIS & Portal Side.
    [Setup SAML 1.1-based Web SSO from NetWeaver CE to non-SAP systems ]
    Configuration from Share Point side.
            [http://technet.microsoft.com/en-us/library/ff607753.aspx]
    Also you can check out the third party tool  u201C btexx MOSS Integratoru201D . 
    [http://www.btexx.com/products/btexx-collaborationmanager/MOSS-WSS]
    [http://www.btexx.com/products/btexx-collaborationmanager/video]
    Regards
    Sahil Kohli

  • NPE when configuring SSL in 9.2

    Hi all,
    I'm trying to configure SSL on WLS 9.2 mp4 but am getting a NullPointerException with no additional helpful information.
    I'm using "Custom Identity and Java Standard Trust." I think the location, type, and password of my identity keystore are correct.
    This is the output I'm getting:
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecuritySSL> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <SSLContextManager: initializing SSL context for channel DefaultSecure>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecuritySSL> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <SSLContextManager: loading server SSL identity>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecurityEncryptionService> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <1307462525894 : [ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)' : starting decrypt operation>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecurityEncryptionService> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <1307462525894 : [ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)' : done with decrypt operation>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Notice> <Security> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-090171> <Loading the identity certificate and private key stored under the alias weblogicssl from the JKS keystore file c:\projects\ssl\keystore.>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Error> <WebLogicServer> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-000297> <Inconsistent security configuration, java.lang.NullPointerException>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Error> <Server> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-002618> <An invalid attempt was made to configure a channel for unconfigured protocol "null".>
    I've turned on all the debug output I can find.
    I also wrote a little java program that reads the keystore and prints out its contents. Nothing looks wrong to me. I also tried using a known-good keystore from one of our other servers, both in my test app and in WL. Test app shows the same output for both stores with the exception of the things I expect to be different, like DN. WL also fails with the same error.
    Any idea what the problem is or how to debug this further?
    thanks

    Thanks for the response.
    That is the correct name. I should probably change it to keystore.jks but I was following the example of the common trust store named cacerts.
    SSL is enabled with port 7002.
    JVM versions are the same.
    Keytool works fine with it. It shows 1 cert, which is what I expect. The alias is correct. I know the keystore password but I don't know the private key password. I might try generating a new pw and make sure to set and remember a pw on the key itself.
    thanks

Maybe you are looking for