Managed Server won't talk to NodeManager-- Security issue... Certificate Chain incomplete
Hey All,
I am trying to set up a Managed Server and have it talk to the NodeManager running
(Weblogic 8.1 SP2) on the same machine. I can't, however, seem to get a good
SSL handshake between the two. I get the following error:
####<Mar 11, 2004 9:55:56 AM EST> <Warning> <Security> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <BEA-090508>
<Certificate chain received from hostname - ipaddress was incomplete.>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Validation
error = 4>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Certificate
chain is incomplete>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <SSLTrustValidator
returns: 4>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Trust
status (4): CERT_CHAIN_INCOMPLETE>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <NEW
ALERT: com.certicom.tls.record.alert.Alert@1642565 Severity: 2 Type: 42
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java:336)
at sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404)
at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
at java.io.BufferedWriter.flush(BufferedWriter.java:230)
at weblogic.nodemanager.client.CommandInvoker.execute(CommandInvoker.java:113)
at weblogic.nodemanager.client.CommandInvoker.invoke(CommandInvoker.java:91)
at weblogic.nodemanager.client.NodeManagerClient.executeCommand(NodeManagerClient.java:161)
at weblogic.nodemanager.client.NodeManagerRuntime.executeNMCommand(NodeManagerRuntime.java:1058)
at weblogic.nodemanager.client.NodeManagerRuntime.ping(NodeManagerRuntime.java:688)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl.java:711)
at weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:690)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.private_invoke(RemoteMBeanServerImpl.java:947)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:908)
at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:946)
at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:481)
at weblogic.management.runtime.NodeManagerRuntimeMBean_Stub.ping(NodeManagerRuntimeMBean_Stub.java:543)
at weblogic.management.console.webapp._domain.__machine._jspService(__machine.java:669)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:301)
at weblogic.servlet.jsp.PageContextImpl.forward(PageContextImpl.java:150)
at weblogic.management.console.actions.ForwardAction.perform(ForwardAction.java:35)
at weblogic.management.console.actions.internal.ActionServlet.doAction(ActionServlet.java:173)
at weblogic.management.console.actions.internal.ActionServlet.doGet(ActionServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <write
ALERT offset = 0 length = 2>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <close():
28959207>
Here is what I have done:
1) I created a managed server using admin console
2) I created both an Identity and Trust keystore (jks type file) with the server's
private key (Identity) and the root trusted certificate authority (Trust).
3) I configured my managed server to use the two keystores
4) I edited the NodeManager.properties file to use the same keystores.
5) I started the NodeManager on the machine and I used the following command line
options by editing the %WL_HOME%\server\bin\startNodeManager.cmd file:
-Dweblogic.nodemanager.debugLevel=90
-Dssl.debug=true
-Djava.protocol.handler.pkgs=weblogic.net
6) I also added the following commands to my startWebLogic.cmd file:
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dssl.debug=true
-Djava.protocol.handler.pkgs=weblogic.net
7) I started my admin server and created a Machine that included the managed server.
8) I configured the NodeManager properties for the Machine I created to point
to the NodeManager already running on that physical box.
9) I clicked on the tab to "Monitor" the NodeManager/Machine and it died giving
the above exception.
I would have no idea why the Certificate chain would be "incomplete". The Issuer
and Subject DNs match up fine:
PRIVATE KEY BEING LOADED BY SSL MANAGER:
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[0]
= [
Version: V3
Subject: CN=host dns name, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1a0
Validity: [From: Fri Mar 05 08:59:26 EST 2004,
To: Mon Mar 06 08:59:26 EST 2006]
Issuer: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
ROOT CERTIFICATE AUTHORITY BEING LOADED:
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[1]
= [
Version: V3
Subject: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffa28
Validity: [From: Wed Jul 05 09:00:29 EDT 2000,
To: Tue Jul 04 09:00:29 EDT 2006]
Issuer: CN=DoD CLASS 3 Root CA, OU=PKI, OU=DoD, O=U.S. Government, C=US
Anyway, if anyone could provide me with some insight as to why I might be receiving
this error I would be sincerely indebted to you. I can't seem to find any other
people with the same problem in the Support archives. Thanks for all of the help!
Regards,
Cabell Fisher
Hi,
Can you please help me;
I have a similar problem on WL7 SP4 ( UNIX )
I have made a site that check https site.
When I try to read the page of the site, I've got Certificate chain is incomplete message.
On WL8 version ( WINDOWS ), I have no problem to retrieve certificate and then access to the site.
I have read that this error occure when Root CA Self signed certificat is not include in the keystore.
I'm using CACERTS keystore.
Can you tell me the process to generate the CA Root certificate and then import in the CACERTS.
Thanks a lot for your help.
Sincerely
Stephane
Similar Messages
-
After Setting Up SSO Managed Server Won't Start
I am using the Oracle supplied white paper to set up SSO using Active Directory. Following those instructions everything was working and testing correctly until I added the NegotiateIdentityAsserter provider to the list of WLS providers. Now the managed server won't start. The admin server starts without any errors and goes to the RUNNING state. But the Start BI Services command window gets to the wls.alive: prompt and hangs. And hangs. Eventually the window goes away and it may throw an error but I've never seen it. You can login to the WLS console and EM without a problem. Remove the new provider and everything comes up normally. I have looked at the krb5.ini and krb5login.conf files and even rewritten them from scratch without any change in behavior.
While looking for answers I ran into the SPNEGOCheck webapp that Oracle makes available to diagnose problems. It says everything is OK until it parses the krb5login.conf and then complains that the Username associated with SPN in AD is blank and so doesn't match the SPN specified in the krblogin config. But I can't see anything wrong in the files themselves.
from the log:
In section 'libdefaults'
LSA: Found Ticket
LSA: Made NewWeakGlobalRef
LSA: Found PrincipalName
LSA: Made NewWeakGlobalRef
LSA: Found DerValue
LSA: Made NewWeakGlobalRef
LSA: Found EncryptionKey
LSA: Made NewWeakGlobalRef
LSA: Found TicketFlags
LSA: Made NewWeakGlobalRef
LSA: Found KerberosTime
LSA: Made NewWeakGlobalRef
LSA: Found String
LSA: Made NewWeakGlobalRef
LSA: Found DerValue constructor
LSA: Found Ticket constructor
LSA: Found PrincipalName constructor
LSA: Found EncryptionKey constructor
LSA: Found TicketFlags constructor
LSA: Found KerberosTime constructor
LSA: Finished OnLoad processing
Config name: C:\Windows\krb5.ini
KdcAccessibility: reset
KdcAccessibility: reset
Reachable? true
Connection seems to have succeeded.
Parsing section contents 'com.sun.security.jgss.krb5.accept { com.sun.security.auth.module.Krb5LoginModule required principal="[email protected]" keyTab=biwhse1a.keytab useKeyTab=true storeKey=true debug=true;};'
Section name: 'com.sun.security.jgss.krb5.accept'
Getting next NV pair beginning at 'principal="[email protected]" keyTab=biwhse1a.keytab useKeyTab=true storeKey=true debug=true'
NVPair name: 'principal' value: '[email protected]'
NVPair name: 'keyTab' value: 'biwhse1a.keytab'
NVPair name: 'useKeyTab' value: 'true'
NVPair name: 'storeKey' value: 'true'
Got back 4 name/value pairs.
section com.sun.security.jgss.krb5.accept should probably contain a setting for debug=true
Section com.sun.security.jgss.krb5.accept seems OK
The krb5.ini file:
[libdefaults]
default_realm = SRS1.COM
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
ticket_lifetime = 600
[realms]
SRS1.COM = {
kdc = 129.58.120.200
admin_server = adc01.srs1.com
default_domain = SRS1.COM
[domain_realm]
.srs1.com = SRS1.COM
[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true
The krb5login.conf file:
com.sun.security.jgss.krb5.accept {
com.sun.security.auth.module.Krb5LoginModule required
principal="[email protected]"
keyTab=biwhse1a.keytab
useKeyTab=true
storeKey=true
debug=true;
[D:\] setspn -L bi_kerb_prin
Registered ServicePrincipalNames for CN=bi_kerb_prin,OU=Non-Person Users,OU=WRC Users,DC=srs1,DC=com:
HTTP/biwhse1a.srs1.com
HTTP/biwhse1a
[D:\]
OBIEE 11.1.1.6.2 BP2
Windows Server 2008 SP1Did you try -Djava.security.krb5.conf=<path>/krb5.conf before the %EXTRA_JAVA_PROPERTIES%. in your C:\OBI\user_projects\domains\bifoundation_domain\bin\setDomainEnv.cmd .?
Also change your JAAS config file and try with
com.sun.security.jgss.krb5.initiate {
com.sun.security.auth.module.Krb5LoginModule required
principal="HTTP/[email protected]"
keyTab=biwhse1a.keytab
useKeyTab=true
storeKey=true
debug=true;
com.sun.security.jgss.krb5.accept {
com.sun.security.auth.module.Krb5LoginModule required
principal="HTTP/[email protected]"
keyTab=biwhse1a.keytab
useKeyTab=true
storeKey=true
debug=true;
Now restart and see.
Hope this helps. Pls mark if it does.
Thanks,
SVS
Edited by: SSVS on Mar 17, 2013 11:47 PM -
Unable to start Managed server from admin console using nodemanager
I changed the ip address and hostname of the server on which Weblogic Server 10.3.5 is running. After that I am unable to start the managed servers using Admin console. Is there any changes in the nodemanager configuration files which need to be done to start the managed servers from admin console.
Hi there,
Can you check the following configuration in Weblogic admin console ?
1- Check which listen address mentioned under the Machine configuration ( Environment > Machines > select appropriate nodemanager machine >Configuration > Node Manager ). If it is pointing to old host name, change it to new one.
2- Once you done with Step 1. Check whether the machine is reachable or not. ( Machine > [Your Machine] > Monitoring > status.
3- If still isuse persists.. Check the managed server startup log files ( for eg:- managedserver1.out under the path $DOMAIN_HOME\Servers\managedserver1\logs directory.
Thanks
Lakshman -
[Security:090508]Certificate chain received from 'hostname' was incomplete
Hey All,
I am trying to set up a Managed Server and have it talk to the NodeManager running
(Weblogic 8.1 SP2) on the same machine. I can't, however, seem to get a good
SSL handshake between the two. I get the following error:
####<Mar 11, 2004 9:55:56 AM EST> <Warning> <Security> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <BEA-090508>
<Certificate chain received from hostname - ipaddress was incomplete.>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Validation
error = 4>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Certificate
chain is incomplete>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <SSLTrustValidator
returns: 4>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <Trust
status (4): CERT_CHAIN_INCOMPLETE>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <NEW
ALERT: com.certicom.tls.record.alert.Alert@1642565 Severity: 2 Type: 42
java.lang.Throwable: Stack trace
at weblogic.security.utils.SSLSetup.debug(SSLSetup.java:265)
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java:336)
at sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404)
at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
at java.io.BufferedWriter.flush(BufferedWriter.java:230)
at weblogic.nodemanager.client.CommandInvoker.execute(CommandInvoker.java:113)
at weblogic.nodemanager.client.CommandInvoker.invoke(CommandInvoker.java:91)
at weblogic.nodemanager.client.NodeManagerClient.executeCommand(NodeManagerClient.java:161)
at weblogic.nodemanager.client.NodeManagerRuntime.executeNMCommand(NodeManagerRuntime.java:1058)
at weblogic.nodemanager.client.NodeManagerRuntime.ping(NodeManagerRuntime.java:688)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl.java:711)
at weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:690)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.private_invoke(RemoteMBeanServerImpl.java:947)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:908)
at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:946)
at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:481)
at weblogic.management.runtime.NodeManagerRuntimeMBean_Stub.ping(NodeManagerRuntimeMBean_Stub.java:543)
at weblogic.management.console.webapp._domain.__machine._jspService(__machine.java:669)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:301)
at weblogic.servlet.jsp.PageContextImpl.forward(PageContextImpl.java:150)
at weblogic.management.console.actions.ForwardAction.perform(ForwardAction.java:35)
at weblogic.management.console.actions.internal.ActionServlet.doAction(ActionServlet.java:173)
at weblogic.management.console.actions.internal.ActionServlet.doGet(ActionServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <write
ALERT offset = 0 length = 2>
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> <close():
28959207>
Here is what I have done:
1) I created a managed server using admin console
2) I created both an Identity and Trust keystore (jks type file) with the server's
private key (Identity) and the root trusted certificate authority (Trust).
3) I configured my managed server to use the two keystores
4) I edited the NodeManager.properties file to use the same keystores.
5) I started the NodeManager on the machine and I used the following command line
options by editing the %WL_HOME%\server\bin\startNodeManager.cmd file:
-Dweblogic.nodemanager.debugLevel=90
-Dssl.debug=true
-Djava.protocol.handler.pkgs=weblogic.net
6) I also added the following commands to my startWebLogic.cmd file:
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dssl.debug=true
-Djava.protocol.handler.pkgs=weblogic.net
7) I started my admin server and created a Machine that included the managed server.
8) I configured the NodeManager properties for the Machine I created to point
to the NodeManager already running on that physical box.
9) I clicked on the tab to "Monitor" the NodeManager/Machine and it died giving
the above exception.
I would have no idea why the Certificate chain would be "incomplete". The Issuer
and Subject DNs match up fine:
PRIVATE KEY BEING LOADED BY SSL MANAGER:
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[0]
= [
Version: V3
Subject: CN=host dns name, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1a0
Validity: [From: Fri Mar 05 08:59:26 EST 2004,
To: Mon Mar 06 08:59:26 EST 2006]
Issuer: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
ROOT CERTIFICATE AUTHORITY BEING LOADED:
####<Mar 11, 2004 9:55:56 AM EST> <Debug> <TLS> <GENESIS2> <GENESIS2_Admin_Server>
<ExecuteThread: '1' for queue: 'weblogic.admin.HTTP'> <admin> <> <000000> < cert[1]
= [
Version: V3
Subject: CN=DOD CLASS 3 CA-3, OU=PKI, OU=DoD, O=U.S. Government, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffa28
Validity: [From: Wed Jul 05 09:00:29 EDT 2000,
To: Tue Jul 04 09:00:29 EDT 2006]
Issuer: CN=DoD CLASS 3 Root CA, OU=PKI, OU=DoD, O=U.S. Government, C=US
Anyway, if anyone could provide me with some insight as to why I might be receiving
this error I would be sincerely indebted to you. I can't seem to find any other
people with the same problem in the Support archives. Thanks for all of the help!
Regards,
Cabell FisherHi,
Can you please help me;
I have a similar problem on WL7 SP4 ( UNIX )
I have made a site that check https site.
When I try to read the page of the site, I've got Certificate chain is incomplete message.
On WL8 version ( WINDOWS ), I have no problem to retrieve certificate and then access to the site.
I have read that this error occure when Root CA Self signed certificat is not include in the keystore.
I'm using CACERTS keystore.
Can you tell me the process to generate the CA Root certificate and then import in the CACERTS.
Thanks a lot for your help.
Sincerely
Stephane -
Running OSX 10.6.8, and I received a Software Update notification this morning stating that Java has a security update available. So, being the dilligent updater that I am, I updated to Java SE 6 1.6.0_33. Now Final Cut Server will not launch, stating "Unsigned application requesting unrestricted access to system"
Is there an exception list somewhere for the Java client to which I can add FCS? (Sorry, I'm not very familiar with Java)
Here is the launch file and exception info:
<?xml version="1.0" encoding="utf-8"?>
<jnlp
spec="1.0+"
codebase="http://192.168.1.103" href="/FinalCutServer/FinalCutServer_mac.jnlp">
<information>
<icon kind="default" href="~fcsvr/webstart/FinalCutServer.icns"/>
<icon kind="shortcut" href="~fcsvr/webstart/FinalCutServer.icns"/>
<icon kind="splash" href="~fcsvr/webstart/FinalCutServer.png"/>
<title>Final Cut Server</title>
<vendor>Apple Inc.</vendor>
<homepage href="/FinalCutServer"/>
<description>Final Cut Server</description>
<description kind="short">Final Cut Server</description>
<shortcut online="true">
<desktop/>
<menu submenu="Apple"/>
</shortcut>
</information>
<security>
<all-permissions/>
</security>
<resources>
<jar href="/~fcsvr/webstart/FinalCutServer.jar"/>
<j2se version="1.5*" initial-heap-size="64m" max-heap-size="300m" java-vm-args="-Dapple.awt.graphics.UseQuartz=false"/>
<j2se version="1.6*" initial-heap-size="64m" max-heap-size="300m" java-vm-args="-Dapple.awt.graphics.UseQuartz=false -d32"/>
<property name="apple.awt.graphics.UseQuartz" value="false"/>
<property name="file.encoding" value="UTF-8"/>
</resources>
<resources os="Mac OS X" arch="i386">
<nativelib href="/~fcsvr/webstart/FinalCutServer_MacOSX.jar"/>
</resources>
<resources os="Mac OS X" arch="ppc">
<nativelib href="/~fcsvr/webstart/FinalCutServer_MacOSX.jar"/>
</resources>
<application-desc main-class="com.apple.FinalCutServer.javaui.FinalCutServer">
</application-desc>
</jnlp>
JNLPException[category: Security Error : Exception: null : LaunchDesc:
<jnlp spec="1.0+" codebase="http://192.168.1.103/" href="http://192.168.1.103/FinalCutServer/FinalCutServer_mac.jnlp">
<information>
<title>Final Cut Server</title>
<vendor>Apple Inc.</vendor>
<homepage href="http://192.168.1.103/FinalCutServer"/>
<description>Final Cut Server</description>
<description kind="short">Final Cut Server</description>
<icon href="http://192.168.1.103/~fcsvr/webstart/FinalCutServer.icns" kind="default"/>
<icon href="http://192.168.1.103/~fcsvr/webstart/FinalCutServer.icns" kind="shortcut"/>
<icon href="http://192.168.1.103/~fcsvr/webstart/FinalCutServer.png" kind="splash"/>
<shortcut online="true">
<desktop/>
<menu submenu="Apple"/>
</shortcut>
</information>
<security>
<all-permissions/>
</security>
<update check="timeout" policy="always"/>
<resources>
<jar href="http://192.168.1.103/~fcsvr/webstart/FinalCutServer.jar" download="eager" main="false"/>
<java initial-heap-size="67108864" max-heap-size="314572800" java-vm-args="-Dapple.awt.graphics.UseQuartz=false" version="1.5*"/>
<java initial-heap-size="67108864" max-heap-size="314572800" java-vm-args="-Dapple.awt.graphics.UseQuartz=false -d32" version="1.6*"/>
<property name="apple.awt.graphics.UseQuartz" value="false"/>
<property name="file.encoding" value="UTF-8"/>
<nativelib href="http://192.168.1.103/~fcsvr/webstart/FinalCutServer_MacOSX.jar" download="eager" main="false"/>
</resources>
<application-desc main-class="com.apple.FinalCutServer.javaui.FinalCutServer"/>
</jnlp> ]
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(LaunchDownload.java:16 91)
at com.sun.javaws.LaunchDownload.checkSignedResources(LaunchDownload.java:1507)
at com.sun.javaws.Launcher.prepareResources(Launcher.java:1281)
at com.sun.javaws.Launcher.prepareAllResources(Launcher.java:634)
at com.sun.javaws.Launcher.prepareToLaunch(Launcher.java:336)
at com.sun.javaws.Launcher.prepareToLaunch(Launcher.java:208)
at com.sun.javaws.Launcher.launch(Launcher.java:125)
at com.sun.javaws.Main.launchApp(Main.java:451)
at com.sun.javaws.Main.continueInSecureThread(Main.java:283)
at com.sun.javaws.Main$1.run(Main.java:116)
at java.lang.Thread.run(Thread.java:680)Aha! I was able to solve the problem thanks to the help of another editor.
Open Java Preferences (Applications > Utilities)
Click the check box on the first page to allow web applets
Under the security tab, there will be an existing Security Certificate (signed by Apple Inc.) that is likely for FCSvr. Delete the certificate.
Open FCSvr again, and Java will prompt you as to allow it or not. Click Allow and tell it to remember for future use.
Badabing, badaboom! FCSvr is back up and running!
(Note this is for client-side only) -
Mac mini server won't reboot after Installing security update 2010-003
This has already been posted and remaines "unanswered".
After updating to Snow Leopard Server 10.6.3 and attempting to reboot, the mac mini (HDMI) hangs on the gray apple logo with progress spinning. It takes me several times to force the mac mini to power down and try again, before it finally loads the login screen.
any suggestions?Odd.
So it's hanging while starting services, it looks like, the firewall in particular, have you tried a safe boot?
If not, hold down the shift key right after you hear the power-on chime, keep holding it till you see a spinning gear.
This boots up without extra kernel extensions and fonts, clears font caches, and runs a disk verify and a repair if needed. If you still can't boot reliably in safe mode, you may need to run an archive/install. -
Can't start vanilla 8.1.4 platform managed server via NodeManager
I cannot get a managed server to start via the NodeManager if I create a WL Platform domain. I CAN get it to work just fine if I create a regular WLS domain. I was wondering if anyone else has seen this behavior.
Steps to Reproduce
===================
1) Use the configuration wizard to create a WebLogic Platform domain. Name the domain "Test". Use all defaults.
2) Once the domain is created, go into the domain directory and run the create_db.cmd script to build out the necessary tables to support the platform domain
3) Start the node manager. On my machine I use the following command:
C:\bea\weblogic81\server\bin\startnodemanager 127.0.0.1 5555
4) Start the admin server via the startWebLogic.cmd file
5) Open the console for the admin server. Create a Machine "MyMachine" (name is really unimportant). Use the default NodeManager port of 5555
6) Create a managed server. Call it "test1". Set the port to 8000 and be sure to assign it to the machine you just created.
7)Set the remote start properties. On my machine I just set the classpath to "c:\bea\weblogic81\server\lib\weblogic.jar;C:\bea\weblogic81\workshop\lib\wsrp-common.jar;C:\bea\weblogic81\server\lib\xbean.jar" and I also set the Java Home to point to the default JRocket JVM that ships with 8.1.4
8) Be sure to save your changes by hitting the "Apply" button. Then using the "Control" tab for the "test1" managed server, click the "Start this Server" link.
9) Wait about 30 - 40 seconds, then click on the server log for that server. On my machine I get the following exception in the log:
<Mar 22, 2005 6:04:46 PM PST> <Info> <[email protected]:5555> <Starting Server test::test1 ...>
<Mar 22, 2005 6:04:47 PM PST> <Info> <[email protected]:5555> <Server test::test1 started, process id = 5,504>
<Mar 22, 2005 6:04:48 PM PST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with BEA WebLogic JRockit(TM) 1.4.2_05 JVM R24.4.0-1 Version ari-38120-20041118-1131-win-ia32 from BEA Systems, Inc.>
<Mar 22, 2005 6:04:49 PM PST> <Info> <Management> <BEA-141140> <The managed server is going to contact the admin server at http://169.254.40.11:7001 to check if there exists a running admin server at this URL.>
<Mar 22, 2005 6:04:49 PM PST> <Info> <Configuration Management> <BEA-150017> <This server is being started as a dependent managed server.>
<Mar 22, 2005 6:04:49 PM PST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 8.1 SP4 Mon Nov 29 16:21:29 PST 2004 471647
WebLogic XMLX Module 8.1 SP4 Mon Nov 29 16:21:29 PST 2004 471647 >
<Mar 22, 2005 6:04:49 PM PST> <Info> <Configuration Management> <BEA-150015> <Connecting to the administration server http://169.254.40.11:7001 to retrieve the initial configuration.>
<Mar 22, 2005 6:04:50 PM PST> <Notice> <Log Management> <BEA-170019> <The server log file C:\bea\weblogic81\common\nodemanager\test1\test1.log is opened. All server side log events will be written to this file.>
The WebLogic Server did not start up properly.
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider java.lang.IllegalStateException: This query is too complex to be processed.
at weblogic.security.service.PrincipalAuthenticator.initialize(Ljava.lang.String;[Lweblogic.management.security.ProviderMBean;)V(PrincipalAuthenticator.java:205)
at weblogic.security.service.PrincipalAuthenticator.<init>(Ljava.lang.String;[Lweblogic.management.security.ProviderMBean;)V(PrincipalAuthenticator.java:262)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(Ljava.lang.String;Lweblogic.management.security.RealmMBean;)Lweblogic.security.service.PrincipalAuthenticator;(SecurityServiceManagerDelegateImpl.java:581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(Lweblogic.management.security.RealmMBean;Ljava.util.HashMap;)V(SecurityServiceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(Ljava.lang.String;)V(SecurityServiceManagerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms()V(SecurityServiceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(Lweblogic.security.acl.internal.AuthenticatedSubject;)V(SecurityServiceManagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(Lweblogic.security.acl.internal.AuthenticatedSubject;)V(SecurityServiceManager.java:734)
at weblogic.t3.srvr.T3Srvr.initializeHere()V(T3Srvr.java:822)
at weblogic.t3.srvr.T3Srvr.initialize()V(T3Srvr.java:670)
at weblogic.t3.srvr.T3Srvr.run([Ljava.lang.String;)I(T3Srvr.java:344)
at weblogic.Server.main([Ljava.lang.String;)V(Server.java:32)
Reason: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider java.lang.IllegalStateException: This query is too complex to be processed.
<Mar 22, 2005 6:04:53 PM PST> <Critical> <WebLogicServer> <BEA-000364> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider java.lang.IllegalStateException: This query is too complex to be processed.
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider java.lang.IllegalStateException: This query is too complex to be processed.
at weblogic.security.service.PrincipalAuthenticator.initialize(Ljava.lang.String;[Lweblogic.management.security.ProviderMBean;)V(PrincipalAuthenticator.java:205)
at weblogic.security.service.PrincipalAuthenticator.<init>(Ljava.lang.String;[Lweblogic.management.security.ProviderMBean;)V(PrincipalAuthenticator.java:262)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(Ljava.lang.String;Lweblogic.management.security.RealmMBean;)Lweblogic.security.service.PrincipalAuthenticator;(SecurityServiceManagerDelegateImpl.java:581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(Lweblogic.management.security.RealmMBean;Ljava.util.HashMap;)V(SecurityServiceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(Ljava.lang.String;)V(SecurityServiceManagerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms()V(SecurityServiceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(Lweblogic.security.acl.internal.AuthenticatedSubject;)V(SecurityServiceManagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(Lweblogic.security.acl.internal.AuthenticatedSubject;)V(SecurityServiceManager.java:734)
at weblogic.t3.srvr.T3Srvr.initializeHere()V(T3Srvr.java:822)
at weblogic.t3.srvr.T3Srvr.initialize()V(T3Srvr.java:670)
at weblogic.t3.srvr.T3Srvr.run([Ljava.lang.String;)I(T3Srvr.java:344)
at weblogic.Server.main([Ljava.lang.String;)V(Server.java:32)
>
<Mar 22, 2005 6:04:53 PM PST> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider java.lang.IllegalStateException: This query is too complex to be processed.>
I am baffled by this error. Can anyone help shed some light on this issue? I'm sure there is some bit I left un-flipped somewhere, but I don't know where to look. Many thanks in advance!
- JeffPlease help me over this error: (Weblogic clustered setup, two managed servers and one admin server, siteminder security providers configured)
bash-2.05$ ./startManagedWebLogic.sh managedServer5 http://sunert1.ad.infosys.com:7007
./startManagedWebLogic.sh: -Dsmasa.home=/export/home/ngtyasqa/bea/asa: not found
CLASSPATH=/export/home/ngtyasqa/bea/asa/conf:/export/home/ngtyasqa/bea/asa/lib/smjavaagentapi.jar:/e
xport/home/ngtyasqa/bea/asa/lib/log4j.jar:/export/home/ngtyasqa/bea/asa/lib/sm_jsafe.jar:/export/hom
e/ngtyasqa/bea/asa/lib/smclientclasses.jar:/export/home/ngtyasqa/bea/asa/lib/smjavasdk2.jar:/export/
home/ngtyasqa/bea/asa/lib/imsapi.jar/export/home/ngtyasqa/bea_kunal/jdk142_04/lib/tools.jar:/export/
home/ngtyasqa/bea/weblogic81/server/lib/weblogic_sp.jar:/export/home/ngtyasqa/bea/weblogic81/server/
lib/weblogic.jar::/export/home/ngtyasqa/bea/weblogic81/common/eval/pointbase/lib/pbserver44.jar:/exp
ort/home/ngtyasqa/bea/weblogic81/common/eval/pointbase/lib/pbclient44.jar:/export/home/ngtyasqa/bea_
kunal/jdk142_04/jre/lib/rt.jar:/export/home/ngtyasqa/bea/weblogic81/server/lib/webservices.jar:
PATH=/export/home/ngtyasqa/bea/weblogic81/server/bin:/export/home/ngtyasqa/bea_kunal/jdk142_04/jre/b
in:/export/home/ngtyasqa/bea_kunal/jdk142_04/bin:/export/home/ngtyasqa/bea_kunal/jdk142_04/bin:/usr/
bin
* To start WebLogic Server, use a username and *
* password assigned to an admin-level user. For *
* server administration, use the WebLogic Server *
* console at http://<hostname>:<port>/console *
<Mar 21, 2006 5:25:48 PM GMT+05:30> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server w
ith Java HotSpot(TM) Client VM Version 1.4.2_04-b05 from Sun Microsystems Inc.>
<Mar 21, 2006 5:25:49 PM GMT+05:30> <Info> <Management> <BEA-141140> <The managed server is going to
contact the admin server at http://sunert1.ad.infosys.com:7007 to check if there exists a running a
dmin server at this URL.>
<Mar 21, 2006 5:25:49 PM GMT+05:30> <Info> <Configuration Management> <BEA-150017> <This server is b
eing started as a dependent managed server.>
<Mar 21, 2006 5:25:49 PM GMT+05:30> <Info> <Management> <BEA-141107> <Version: WebLogic Server 8.1 S
P5 Mon Sep 19 23:06:54 PDT 2005 641358
WebLogic XMLX Module 8.1 SP5 Mon Sep 19 23:06:54 PDT 2005 641358 >
<Mar 21, 2006 5:25:50 PM GMT+05:30> <Info> <Configuration Management> <BEA-150015> <Connecting to th
e administration server http://sunert1.ad.infosys.com:7007 to retrieve the initial configuration.>
<Mar 21, 2006 5:25:54 PM GMT+05:30> <Notice> <Log Management> <BEA-170019> <The server log file /exp
ort/home/ngtyasqa/bea/user_projects/domains/mydomain/managedServer5/managedServer5.log is opened. Al
l server side log events will be written to this file.>
<Mar 21, 2006 5:26:03 PM GMT+05:30> <Critical> <WebLogicServer> <BEA-000364> <Server failed during i
nitialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371
]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexp
ected Exception - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;
[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Au
thentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with ne
sted exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;
[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:2
25)
at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManager
DelegateImpl.java:581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServ
iceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceMan
agerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecuritySer
viceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceMa
nagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:7
34)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
at weblogic.Server.main(Server.java:32)
>
<Mar 21, 2006 5:26:03 PM GMT+05:30> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize
the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem inst
antiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Excepti
on - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;
[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]>
The WebLogic Server did not start up properly.
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Au
thentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with ne
sted exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;
[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:2
25)
at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManager
DelegateImpl.java:581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServ
iceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceMan
agerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecuritySer
viceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceMa
nagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:7
34)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
at weblogic.Server.main(Server.java:32)
Reason: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instanti
ating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception -
with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;
[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
Thanks and Regards,
Shefali -
Problems starting managed server via nodemanager
Hello,
I have a WebLogic 6.1 SP2 installation on two Solaris 8 maschines.
One hosts the admin server and the seconds hosts a managed server.
I installed the nodemanager on both maschines. They seems to run
normally.
I configured the "Remot Start" for the managed server as mentioned in
the manual. I didn't specified any values in that panel because the
nodemanager uses the same environment as the WLS so these values should
fit the managed WLS too.
But as I try to start the managed server I got the following error
message:
Starting WebLogic Server ....
Child exited
The WebLogic Server did not start up properly.
Exception raised:
java.lang.NoClassDefFoundError: java/lang/reflect/InvocationHandler
at weblogic.management.Admin.initialize(Admin.java:279)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:362)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
So I specified some basic values on the "Remote Start" panel:
BEA_HOME: /www/apps/bea/
ROOT_DIR: /www/apps/bea/wlserver6.1
CLASSPATH:
/www/apps/bea/wlserver6.1/lib/weblogic_sp.jar:/www/apps/bea/wlserver6.1/lib/weblogic.jar
No I got this message:
Starting WebLogic Server ....
The WebLogic Server did not start up properly.
Exception raised:
java.lang.NoClassDefFoundError: java/lang/reflect/InvocationHandler
at weblogic.management.Admin.initialize(Admin.java:279)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:362)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Child exited
What did I wrong?
Has anybody experiences on this problem?
Thanks !
Falko Zurell - Webmaster
Pixelpark AG
Germanynodemanager must be using the old jvm (1.2.2 or whatever comes by
default with 2.8). set up the environment or modify
startNodeManager.sh so that it uses java 1.3.1 that ships with WLS6.1
o.
Falko Zurell <[email protected]> wrote in message news:<[email protected]>...
Hello,
I have a WebLogic 6.1 SP2 installation on two Solaris 8 maschines.
One hosts the admin server and the seconds hosts a managed server.
I installed the nodemanager on both maschines. They seems to run
normally.
I configured the "Remot Start" for the managed server as mentioned in
the manual. I didn't specified any values in that panel because the
nodemanager uses the same environment as the WLS so these values should
fit the managed WLS too.
But as I try to start the managed server I got the following error
message:
Starting WebLogic Server ....
Child exited
The WebLogic Server did not start up properly.
Exception raised:
java.lang.NoClassDefFoundError: java/lang/reflect/InvocationHandler
at weblogic.management.Admin.initialize(Admin.java:279)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:362)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
So I specified some basic values on the "Remote Start" panel:
BEA_HOME: /www/apps/bea/
ROOT_DIR: /www/apps/bea/wlserver6.1
CLASSPATH:
/www/apps/bea/wlserver6.1/lib/weblogic_sp.jar:/www/apps/bea/wlserver6.1/lib/weblogic.jar
No I got this message:
Starting WebLogic Server ....
The WebLogic Server did not start up properly.
Exception raised:
java.lang.NoClassDefFoundError: java/lang/reflect/InvocationHandler
at weblogic.management.Admin.initialize(Admin.java:279)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:362)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Child exited
What did I wrong?
Has anybody experiences on this problem?
Thanks ! -
Forwarding to the security news group...
-------- Original Message --------
Subject: Starting Managed server problem ......
Date: 1 Jun 2004 23:02:53 -0700
From: Sameer <barsatkiraat2001>
Newsgroups: weblogic.developer.interest.management
Hi All,
I need you guy's help in this regard, that I am using solaris 8 and
installed Weblogic8.1 Server.
My Scenario is;
Have configured Admin Server and Managed server with nodemanager on one
unix machine.
So, what am facing the problem;
I am not able to get run Managed server after starting the nodemanager
and admin server, getting the error in nodemanager logs that is :
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090482>
<BAD_CERTIFICATE alert was received from PortalQA - 10.12.10.94. Check
the peer to determine why it rejected the certificate chain (trusted CA
configuration, hostname verification). SSL debug tracing may be required
to determine the exact reason the certificate was rejected.>
And in Admin Server logs it's saying;
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090504>
<Certificate chain received from PortalQA - 10.12.10.94 failed hostname
verification check. Certificate contained AdminQA but check expected
PortalQA>
The WebLogic Server did not start up properly.
Exception raised:
'weblogic.management.configuration.ConfigurationException: Due to faulty
SSL configuration, this server is unable to establish a connection to
the node manager.'
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <NodeManager> <BEA-300038>
<The node manager is unable to monitor this server. Could not create an
SSL connection to the node manager. Reason :
[Security:090504]Certificate chain received from PortalQA - 10.12.10.94
failed hostname verification check. Certificate contained AdminQA but
check expected PortalQA>
Reason: weblogic.management.configuration.ConfigurationException: Due to
faulty SSL configuration, this server is unable to establish a
connection to the node manager.
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Emergency> <WebLogicServer>
<BEA-000342> <Unable to initialize the server:
weblogic.management.configuration.ConfigurationException: Due to faulty
SSL configuration, this server is unable to establish a connection to
the node manager.>
If some one can help me, I do appreciate in all due respect.
Sameer.Hello Satya/All,
I'm also experiencing the exact problem you are facing. It would be great if
somebody could help in this regard at the earliest.
Thanks, senthil
Satya Ghattu <[email protected]> wrote:
Forwarding to the security news group...
-------- Original Message --------
Subject: Starting Managed server problem ......
Date: 1 Jun 2004 23:02:53 -0700
From: Sameer <barsatkiraat2001>
Newsgroups: weblogic.developer.interest.management
Hi All,
I need you guy's help in this regard, that I am using solaris 8 and
installed Weblogic8.1 Server.
My Scenario is;
Have configured Admin Server and Managed server with nodemanager on one
unix machine.
So, what am facing the problem;
I am not able to get run Managed server after starting the nodemanager
and admin server, getting the error in nodemanager logs that is :
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090482>
<BAD_CERTIFICATE alert was received from PortalQA - 10.12.10.94. Check
the peer to determine why it rejected the certificate chain (trusted
CA
configuration, hostname verification). SSL debug tracing may be required
to determine the exact reason the certificate was rejected.>
And in Admin Server logs it's saying;
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090504>
<Certificate chain received from PortalQA - 10.12.10.94 failed hostname
verification check. Certificate contained AdminQA but check expected
PortalQA>
The WebLogic Server did not start up properly.
Exception raised:
'weblogic.management.configuration.ConfigurationException: Due to faulty
SSL configuration, this server is unable to establish a connection to
the node manager.'
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <NodeManager> <BEA-300038>
<The node manager is unable to monitor this server. Could not create
an
SSL connection to the node manager. Reason :
[Security:090504]Certificate chain received from PortalQA - 10.12.10.94
failed hostname verification check. Certificate contained AdminQA but
check expected PortalQA>
Reason: weblogic.management.configuration.ConfigurationException: Due
to
faulty SSL configuration, this server is unable to establish a
connection to the node manager.
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Emergency> <WebLogicServer>
<BEA-000342> <Unable to initialize the server:
weblogic.management.configuration.ConfigurationException: Due to faulty
SSL configuration, this server is unable to establish a connection to
the node manager.>
If some one can help me, I do appreciate in all due respect.
Sameer. -
Starting Managed server problem ......
Hi All,
I need you guy's help in this regard, that I am using solaris 8 and installed Weblogic8.1 Server.
My Scenario is;
Have configured Admin Server and Managed server with nodemanager on one unix machine.
So, what am facing the problem;
I am not able to get run Managed server after starting the nodemanager and admin server, getting the error in nodemanager logs that is :
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090482> <BAD_CERTIFICATE alert was received from PortalQA - 10.12.10.94. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.>
And in Admin Server logs it's saying;
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <Security> <BEA-090504> <Certificate chain received from PortalQA - 10.12.10.94 failed hostname verification check. Certificate contained AdminQA but check expected PortalQA>
The WebLogic Server did not start up properly.
Exception raised: 'weblogic.management.configuration.ConfigurationException: Due to faulty SSL configuration, this server is unable to establish a connection to the node manager.'
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Warning> <NodeManager> <BEA-300038> <The node manager is unable to monitor this server. Could not create an SSL connection to the node manager. Reason : [Security:090504]Certificate chain received from PortalQA - 10.12.10.94 failed hostname verification check. Certificate contained AdminQA but check expected PortalQA>
Reason: weblogic.management.configuration.ConfigurationException: Due to faulty SSL configuration, this server is unable to establish a connection to the node manager.
<Jun 2, 2004 9:44:26 AM GMT 04:00> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize the server: weblogic.management.configuration.ConfigurationException: Due to faulty SSL configuration, this server is unable to establish a connection to the node manager.>
If some one can help me, I do appreciate in all due respect.
Sameer.Hello,
NodeManager requires proper SSL configuration. Are you sure you are using the right certificates?
Try running AS with following option
-Dweblogic.security.SSL.ignoreHostnameVerification=true
Ali -
WC_Spaces Managed server not showing up in AdminServer
I am trying to install the webCenter spaces managed server. I installed the schema to database and extended my existing domain with the spaces product and I have all the products that you have to install with it, but when I start the admin server the spaces managed server is not showing up. I created a new domain and put space on that one and when i start the new domains admin server is see the WC_Spaces managed server. Why is it not showing up on my existing domain?
Hi,
By default any managed server will not be up we need to start them by help of Nodemanager or by standalone using script called startManagedWebLogic.sh or cmd file.
when you try to start Managed server from Admin Console then try to enable to Machine for the Managed server where Machine will configure Nodemanager details. Start Nodemanager then in Monitoring of Nodemanager under Machine will show Reachable.
Then we are able to start Managed server through Admin Console.
If you dont want to start through Nodemanager then use following command.
Under Domain_Home / bin / folder
you will find startManagedWebLogic.sh file in Unix and .cmd file in Windows.
Now you following command ./startManagedWebLogic.sh t3://<AdminServer URL >:<Admin Port>
This will help to start Managed server.
Note: Make sure that you have security folder under managed server and provide boot.properties with username and password so that it can encrypted once it get started or else every time we need to provide username and password at startup.
Regards,
Kal -
Start Managed Server from Admine clonsole FAILED_NOT_RESTARTABLE
when trying to start the managed server Managed-Server-01 from the WLS Admin Console the managed server status becomes <FAILED_NOT_RESTARTABLE> and not coming up:
Managed servers logs:
/usr/local/bea/user_projects/domains/eShop/servers/Managed-Server-01/logs:
3/data/nodemanager/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false>
<Sep 13, 2011 6:15:46 PM> <Debug> <NodeManager> <Environment: SERVER_NAME=Managed-Server-03>
<Sep 13, 2011 6:15:46 PM> <Info> <NodeManager> <Working directory is "/usr/local/bea/user_projects/domains/eShop">
<Sep 13, 2011 6:15:46 PM> <Info> <NodeManager> <Server output log file is "/usr/local/bea/user_projects/domains/eShop/servers/Managed-Server-03/logs/Managed-Server-03.out">
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: uname: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: grep: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: uname: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: grep: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: uname: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: grep: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: grep: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: uname: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: expr: not found
/usr/local/bea/user_projects/domains/eShop/bin/startWebLogic.sh: test: argument expected
<Sep 13, 2011 6:15:47 PM> <Debug> <NodeManager> <Waiting for the process to die: 1226>
<Sep 13, 2011 6:15:47 PM> <Info> <NodeManager> <Server failed during startup so will not be restarted>
<Sep 13, 2011 6:15:47 PM> <Debug> <NodeManager> <runMonitor returned, setting finished=true and notifying waiters>
--=--
Node Manager log during Managed-Server-01 start from WLS Admin Console shows:
15:46 PM> <Info> <eShop> <Managed-Server-03> <Working directory is "/usr/local/bea/user_projects/domains/eShop">
<Sep 13, 2011 6:15:46 PM> <Info> <eShop> <Managed-Server-03> <Server output log file is "/usr/local/bea/user_projects/domains/eShop/servers/Managed-Server-03/logs/Managed-Server
-03.out">
<Sep 13, 2011 6:15:47 PM> <Info> <eShop> <Managed-Server-03> <Server failed during startup so will not be restarted>
<Sep 13, 2011 6:15:47 PM> <Warning> <Exception while starting server 'Managed-Server-03': java.io.IOException: Server failed to start up. See server output log for more details.
>
java.io.IOException: Server failed to start up. See server output log for more details.
at weblogic.nodemanager.server.ServerManager.start(ServerManager.java:303)
at weblogic.nodemanager.server.Handler.handleStart(Handler.java:542)
at weblogic.nodemanager.server.Handler.handleCommand(Handler.java:119)
at weblogic.nodemanager.server.Handler.run(Handler.java:66)
at java.lang.Thread.run(Thread.java:6
Note:
The installation of WLS done using Root.
We can start/stop MS using conventional ways.
Cheers,although i am not an expert,
but i am very confident that any WLS you install,
it can be configured like i tried it,
First Environment-----Machine
Add a machine by giving a name
Second Environment------Server
Add a server giving a sever name
Third Environment----machine
Add the server to the machine from the tab server
Fourth Environment-------server
Add A a SSL Port to the Sever and save
Click Start Server and every thing goes well
Thanks
Edited by: kashif, pakistan on Sep 14, 2011 4:09 AM -
Managed Server FAILED_NOT_RESTARTABLE
Hi,
My security providers is in the following order -
1. NegotiateIdentityAsserter - Control Flag - Sufficient
2. ActiveDirectoryAuthenticator - Control Flag - Sufficient
3. ReadOnlySqlAuthenticator - Control Flag - Sufficient
4. DefaultAutehticator Control Flag - Optional
5. DefaultIdentityAsserter
Whenever i change the control flag of my ReadOnlySqlAuthenticator from Sufficient to Required, and then restart the managed server i get the FAILED_NOT_RESTARTABLE in admin console.
How can i change the control flag to required for ReadOnlySqlAuthenticator?
below is the log file. i use 11g release 2
####<Oct 1, 2013 2:25:29 PM IST> <Critical> <WebLogicServer> <ROME> <ADFServer> <Main Thread> <<WLS Kernel>> <> <> <1380617729307> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:960)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
at weblogic.security.providers.authentication.shared.DBMSAtnLoginModuleImpl.login(DBMSAtnLoginModuleImpl.java:284)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:684)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy39.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy57.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:930)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:879)
at weblogic.security.SecurityService.start(SecurityService.java:142)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
####<Oct 1, 2013 2:25:29 PM IST> <Notice> <WebLogicServer> <ROME> <ADFServer> <Main Thread> <<WLS Kernel>> <> <> <1380617729478> <BEA-000365> <Server state changed to FAILED>
####<Oct 1, 2013 2:25:29 PM IST> <Error> <WebLogicServer> <ROME> <ADFServer> <Main Thread> <<WLS Kernel>> <> <> <1380617729478> <BEA-000383> <A critical service failed. The server will shut itself down>
####<Oct 1, 2013 2:25:29 PM IST> <Notice> <WebLogicServer> <ROME> <ADFServer> <Main Thread> <<WLS Kernel>> <> <> <1380617729494> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>1. Used -Xrs in "server start" at console for managed server.
2. weblogic_home\common\nodemanager\nodemanager.properties
Made changes in following parameter:
CrashRecoveryEnabled=true
StartScriptEnabled=true
3. Rename the weblogic_home\user_projects\domains\base_domain\servers\ManagedServer_1\data\nodemanager directory.
4. start Managed server from console.
5. Reboot Machine without shutting down the weblogic services
Regards.
Lam... -
Managed Server will not start with 2-way SSL enabled
When attempting to start a managed server, using the nodemanager (all of the servers have two-way ssl configured...using the same keystores) the start-up fails, giving the following error:
<Warning> <Security> <BEA-090497> <HANDSHAKE_FAILURE alert received from hostname - ip address. Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings.>
Hostname verification is off for all of the servers and the trust store should trust the certificate in the identity store.
Is this an issue with the managed server not being able to pass the identity certificate during the handshake?
Thanks in advance for any help!hi
the following link may hekpful to you
http://webservices.bea.com:8080/Clarify/getCaseDetails.do?caseID=537204
open a support case with bea
Regards
Prasanna Yalam -
Error in starting the Managed Server.
Hi,
Weblogic Version : 10.3.6.
I got the below error while i tried to start my Managed server.
I followed the link Starting/Stoping Weblogic Managed Server - weblogicexpert to start my managed server.
I have provided my AdminServer user name and password.Am trying to start my Managed Server MS1.
Error LOG:
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:930)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Regards,
Prasad K T,As Shadab said there is no boot.properties file created in Managed Server MS1.
I manually created boot.properties with the below text.
# Generated by Configuration Wizard on Thu Mar 05 18:08:49 IST 2015
username=weblogic
password=weblogic1
Now i received the error log as
####<Mar 5, 2015 8:05:59 PM IST> <Critical> <Security> <PRASAD-VAIO> <MS1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1425566159374> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
####<Mar 5, 2015 8:05:59 PM IST> <Critical> <WebLogicServer> <PRASAD-VAIO> <MS1> <main> <<WLS Kernel>> <> <> <1425566159376> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:960)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:930)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
Maybe you are looking for
-
Can I use home sharing for AppleTV with Time Capsule and have my iMac powered off?
I wish to be able to use AppleTV without having my iMac powered on. Is there a way to have my iTunes library on my Time Capsule so I can use AppleTV directly from it?
-
[SOLVED] xserver 1.5 and KDE 4 keymaps - strange behavior
I apologize if this has already been addressed, but I have read every thread about this I can find, and the wiki page, and I can't find a solution. I use a standard US keyboard (it's a laptop), but with the Dvorak keymap. Most things work fine, exce
-
Hi I am going to upgrade my original hard drive in my Mac Book Pro, with a Western Digital Scorpio Black 7200 rpm, and have a question. Which is the best way to do this? Is it best to clone the old drive onto the new one or best to format the new dri
-
hello ! i'm shamain silva,now i live in sri lanka.while im in dubai,i bought a iphone,when im on my bussiness work someone stole my mobile,so icomplained it to srilankan policewith the IMEI NO and all other my details,under referance no of C.I.B 4 12
-
Cannot crop a photo...
I tried cropping some photos(edit>crop) but then my iPad restarts by itself. I do it over and over but the same thing happens. Do you think it's because I have too many photos?(I have 882 photos) Or is it because I'm cropping a screen shot photo. HEL