Weblogic 10.3.6 SSL configuration with Crt files

I have 3 files;
AddTrustExternalCARoot.crt
TrustedSecureCertificateAuthority_3.crt
www_abcd_com.crt
Weblogic asks me Custom Identity Keystore and Custom Trust Keystore jks files. How can i configure a weblogic 10.3.6 server instance with this keys?

Similar Messages

WebLogic 9.2 - Replacing apache_xbean.jar with the file xmlbeans-2.4.0.jar

Hello All,
I am a newbie in the forum.
I have been using WebLogic9.2 for a while, but in my new company there was a unique request to replace the following files in WebLogic 9.2 installation.
The development team wants to replace the:
Original Jar: bea\weblogic92\common\lib\apache_xbean.jar [This file comes along with the WebLogic 9.2 installation]
with this file.
Replaced Jar: bea\weblogic92\common\lib\xmlbeans-2.4.0.jar [This file has to be downloaded from apache.org website]
The reason the developers want these file to be replaced is they are trying to generate xlsx reports from database and the new file works ok for them after replacing it with the old file.
CAN WE REPLACE THE ORIGINAL FILE WITH THE NEW ONE.
I am not sure of the consequences this would have on WebLogic performance and security.
Can some one throw light on this.
Regards,
Kumar

Hello Jaysen,
As per your suggestions, I asked the developers to try the procedure....
THEY SENT ME THIS HUGE ERROR LOG....DONT KNOW IF THIS IS ANY OF YOUR PAIN TO UNDERSTAND...CAN YOU HELP!
==================================================
The following is the error trace:
ERROR ContextLoader - Context initialization failed
java.lang.LinkageError: Class org/xml/sax/InputSource violates loader constraints
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:338)
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:291)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:259)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:54)
at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:40)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:338)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:310)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:178)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:92)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:123)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:423)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:353)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:375)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:83)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1591)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:2734)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:892)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:336)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:26)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:641)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:229)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:565)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:136)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:104)
at weblogic.deploy.internal.targetserver.operations.StartOperation.doCommit(StartOperation.java:128)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:320)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:815)
at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1222)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:433)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:161)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:181)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:12)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:67)
at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
[Loaded weblogic.logging.ThrowableInfo from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
<Aug 4, 2010 10:51:46 AM GMT+05:30> <Warning> <HTTP> <BEA-101162> <User defined listener org.springframework.web.context.ContextLoaderListener failed: java.lang.LinkageError: Class org/xml/sax/InputSource violates loader constraints.
java.lang.LinkageError: Class org/xml/sax/InputSource violates loader constraints
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:338)
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:291)
Truncated. see log file for complete stacktrace
>
[Loaded javax.management.RuntimeErrorException from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded javax.management.RuntimeMBeanException from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded java.lang.reflect.InvocationTargetException from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded java.lang.reflect.UndeclaredThrowableException from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded weblogic.application.ModuleException from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.application.utils.StateChangeException from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.utils.NestedThrowable$Util from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.application.utils.ExceptionUtils from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.servlet.internal.session.MemorySessionContext$SessionCleanupAction from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor136 from __JVM_DefineClass__]
[Loaded javax.naming.ContextNotEmptyException from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded weblogic.application.internal.flow.ModuleStateDriver$DestroyStateChange from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
<Aug 4, 2010 10:51:46 AM GMT+05:30> <Error> <Deployer> <BEA-149265> <Failure occured in the execution of deployment request with ID '1280899305658' for task '1'. Error is: 'weblogic.application.ModuleException: '
weblogic.application.ModuleException:
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:894)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:336)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
Truncated. see log file for complete stacktrace
java.lang.LinkageError: Class org/xml/sax/InputSource violates loader constraints
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:338)
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:291)
Truncated. see log file for complete stacktrace
>
[Loaded weblogic.deploy.container.NonFatalDeploymentException from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
<Aug 4, 2010 10:51:46 AM GMT+05:30> <Error> <Deployer> <BEA-149202> <Encountered an exception while attempting to commit the 7 task for the application '_auto_generated_ear_'.>
[Loaded weblogic.deploy.service.internal.DeploymentService$6 from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.deploy.service.internal.DeploymentServiceLogger from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.deploy.service.RequiresRestartFailureDescription from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.management.ApplicationException from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
<Aug 4, 2010 10:51:46 AM GMT+05:30> <Warning> <Deployer> <BEA-149004> <Failures were detected while initiating start task for application '_auto_generated_ear_'.>
<Aug 4, 2010 10:51:46 AM GMT+05:30> <Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
weblogic.application.ModuleException:
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:894)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:336)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
Truncated. see log file for complete stacktrace
java.lang.LinkageError: Class org/xml/sax/InputSource violates loader constraints
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:338)
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:291)
Truncated. see log file for complete stacktrace
>
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor137 from __JVM_DefineClass__]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor138 from __JVM_DefineClass__]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor139 from __JVM_DefineClass__]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor140 from __JVM_DefineClass__]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor141 from __JVM_DefineClass__]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor142 from __JVM_DefineClass__]
[Loaded javax.management.openmbean.CompositeDataSupport from C:\bea\JDK150~1\jre\lib\rt.jar]
[Loaded sun.reflect.GeneratedSerializationConstructorAccessor143 from __JVM_DefineClass__]
[Loaded weblogic.store.internal.UpdateRequest from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.transaction.internal.ServerTransactionManagerImpl$MigratedTLog from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
[Loaded weblogic.health.HealthLogger from file:/C:/bea/weblogic92/server/lib/weblogic.jar]
===============================
Thanks for your time in advance!
Kumar

Issues in ssl configuration with apache server (using reverse proxy)

Hi,
I am able to use apache server as a reverse proxy to connect to Portal. When I enter the web server url as https://mywebserver.com, I am able to connect to the http url of the Portal. But the moment I try to connect to the https url of Portal with this https url, I am not able to connect to the Portal. Thus I am not able to use apache as a proxy server for https connections it makes. What must I do. I read that mod_proxy_connect needs to be used, but how do I use this?
The second problem is that I need to use more than one kind of mapping.
For example I must be redirected to the Portal even if I use http://webserver.com , or even if I use https://webserver.com or even if I use http://webserver.com/irj or https://webserver.com/irj or http://ipaddress-websserver/irj etc

I have SSLCertificateFile and
and SSLCertificateKeyFile .
My problem is with regard to ssl/CertificateChainFile?
what is this? Also how do I upload my J2EE Certificate into apache.
The problem is with Apache handshake is not happening.
I am forwarding the entire log during . I have put what I consider important in bold.Please have a look.
<b>----
</b>
Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1769): OpenSSL: Handshake: start
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: before/connect initialization
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv2/v3 write client hello A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 7/7 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 16 03 01 04 1a 02                                ......           |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 0007 - <SPACES/NULS>
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 1048/1048 bytes from BIO#629160 [mem: 47855af] (BIO dump follows)
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 00 36 03 01 44 74 67 cb-38 b5 8e 42 3b 59 c3 6c .6..Dtg.8..B;Y.l |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0010: 23 5c 07 d0 8b 24 89 89-11 2e 0d 80 ed 1a 06 ea #
...$.......... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0020: 1d 10 b0 59 10 28 7c b4-02 cb d6 08 a8 e4 ea 5a ...Y.(|........Z |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0030: e5 88 5c 5d 90 00 39 00-0b 00 01 cc 00 01 c9 00 ..
]..9......... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0040: 01 c6 30 82 01 c2 30 82-01 2b a0 03 02 01 02 02 ..0...0..+...... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0050: 04 36 0b 23 72 30 0d 06-09 2a 86 48 86 f7 0d 01 .6.#r0...*.H.... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0060: 01 04 05 00 30 14 31 12-30 10 06 03 55 04 03 13 ....0.1.0...U... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0070: 09 6c 6f 63 61 6c 68 6f-73 74 30 1e 17 0d 30 33 .localhost0...03 |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0080: 31 30 30 32 30 37 32 35-30 30 5a 17 0d 30 35 31 1002072500Z..051 |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0090: 30 30 32 30 37 32 35 30-30 5a 30 14 31 12 30 10 002072500Z0.1.0. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00a0: 06 03 55 04 03 13 09 6c-6f 63 61 6c 68 6f 73 74 ..U....localhost |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00b0: 30 81 9f 30 0d 06 09 2a-86 48 86 f7 0d 01 01 01 0..0...*.H...... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00c0: 05 00 03 81 8d 00 30 81-89 02 81 81 00 ef d6 ff ......0......... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00d0: a6 39 e1 64 a5 d3 fb 16-de 4e ee 1d 81 84 31 bc .9.d.....N....1. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00e0: e6 b7 96 07 3e 81 b9 94-d1 c1 e0 f9 00 3a 84 e8 ....>........:.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00f0: 7a 30 11 cd 41 26 d6 6c-95 90 93 95 17 e0 1a b7 z0..A&.l........ |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0100: 00 0f 59 33 7d 1d f3 a0-83 17 c5 f3 7e b3 ad ed ..Y3}.......~... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0110: c9 60 ac af 9e 31 d2 ec-42 71 f9 c3 98 2e 93 f9 .`...1..Bq...... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0120: 9d c3 c4 3d b3 7d 9b 97-83 1c 6b bd c0 75 cc 96 ...=.}....k..u.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0130: dc b9 a0 1b 00 79 85 e4-19 1f 61 42 54 db 91 94 .....y....aBT... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0140: d8 1d 72 13 08 36 22 49-3b fb 05 dc 33 02 03 01 ..r..6"I;...3... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0150: 00 01 a3 21 30 1f 30 1d-06 03 55 1d 0e 04 16 04 ...!0.0...U..... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0160: 14 ed ed 02 af 94 13 59-1c 42 e6 69 40 e5 80 dd .......Y.B.i@... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0170: a4 e9 33 91 02 30 0d 06-09 2a 86 48 86 f7 0d 01 ..3..0...*.H.... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0180: 01 04 05 00 03 81 81 00-2c 22 08 bd 71 b6 80 43 ........,"..q..C |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0190: 5a 2a 8b e8 62 34 b4 b4-84 8a 47 4b 97 5e bf dd Z*..b4....GK.^.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01a0: 17 4c 0a 1c b7 0e cd c5-d1 cc d8 77 cd 38 10 ef .L.........w.8.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01b0: 22 02 f0 02 7f a2 39 2b-53 eb 31 b6 18 49 37 a0 ".....9+S.1..I7. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01c0: 50 47 f2 34 ab 33 eb 5f-ec 5a f9 f7 53 5f 27 eb PG.4.3._.Z..S_'. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01d0: 02 7f b4 28 3e e8 b1 c7-59 df 2c 93 25 c5 34 14 ...(>...Y.,.%.4. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01e0: 7a 34 7c 45 b4 eb 6b 34-93 26 98 51 37 d3 e6 b0 z4|E..k4.&.Q7... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01f0: 7f 83 e3 a9 04 d3 47 b3-3d de 43 57 27 45 82 c0 ......G.=.CW'E.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0200: 4d 48 bf c0 a7 2f 66 0c-0c 00 02 08 00 80 af 76 MH.../f........v |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0210: 1f f5 f6 48 a0 01 0f ed-55 4c 53 9a 7c 07 7a ba ...H....ULS.|.z. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0220: c7 9d 77 e8 8b c7 66 8f-80 03 18 c5 1f 4f 2a a0 ..w...f......O*. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0230: 08 6f 9f e3 13 94 30 56-e7 2f 96 7c 26 97 ba 12 .o....0V./.|&... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0240: aa fd 3e 43 e1 46 c2 d1-32 94 56 45 52 c0 24 6f ..>C.F..2.VER.$o |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0250: 38 e0 93 0f 3a f8 0a 7c-41 0e 4c 54 4f 5a 7e d4 8...:..|A.LTOZ~. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0260: 62 e6 71 cd a0 dc 1e 9b-17 e5 10 71 3c 9d c6 39 b.q........q<..9 |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0270: 05 50 b6 15 37 0b 68 4f-24 50 74 47 13 1c 74 d8 .P..7.hO$PtG..t. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0280: 81 27 81 71 3a 4a c5 26-7d b8 e6 21 b3 d9 00 80 .'.q:J.&}..!.... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0290: 4f 6f 5d e6 2d dc 77 46-e6 77 b1 94 3d 65 5b b0 Oo].-.wF.w..=e[. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02a0: 3d 39 7a 6c a2 c7 0b e3-27 08 fa 48 8d 75 1a fe =9zl....'..H.u.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02b0: 32 e6 13 d1 31 65 7d d5-11 34 21 78 38 d1 11 fb 2...1e}..4!x8... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02c0: ea 59 8e 24 79 5a 4b c2-f7 98 22 51 9f a7 4d 2b .Y.$yZK..."Q..M+ |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02d0: 15 98 fe d4 43 4b 34 25-b3 9b b3 ae 57 d1 ea 69 ....CK4%....W..i |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02e0: 6e 02 7e 61 d7 80 b6 73-6a 3e ac eb 69 38 67 8f n.~a...sj>..i8g. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02f0: a9 2a dc 93 3d 22 f3 6e-6a 5d 51 1f b1 b1 10 5e .*..=".nj]Q....^ |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0300: 82 28 48 0d 5a 78 f8 17-61 e0 c5 43 61 7a 42 6a .(H.Zx..a..CazBj |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0310: 00 80 42 fa 7e 11 b2 77-3a 8c de f1 52 5a e1 18 ..B.~..w:...RZ.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0320: d4 e7 8f ee 2c e0 06 ef-d5 37 87 62 07 14 d1 5a ....,....7.b...Z |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0330: ca 30 be fd dd 76 47 8f-ed f4 5f f3 64 6c 32 a9 .0...vG..._.dl2. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0340: d5 07 e2 9b f1 29 a3 bf-33 4a ed 72 6b 2e c3 0f .....)..3J.rk... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0350: 30 bd 13 a1 42 d8 f7 1d-58 8a 1c 53 d6 c3 c8 6e 0...B...X..S...n |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0360: 0e 51 e3 f5 a0 37 68 0d-04 c6 0e c4 4d cc ed 7c .Q...7h.....M..| |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0370: ef 8f 81 b3 52 34 0c 60-eb f8 01 19 cc 95 31 55 ....R4.`......1U |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0380: 7d 16 bf 0c df b8 e0 3d-8f 7c 7a 4a 64 98 93 59 }......=.|zJd..Y |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0390: eb ae 00 80 ef cb bc 38-ab 16 0e a2 b2 2d fa 0f .......8.....-.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03a0: da 55 2d 67 a8 b8 34 1b-bf 39 d9 d6 da 65 f2 8f .U-g..4..9...e.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03b0: 6f a2 b1 1d db bb d5 dd-ab cf 9e 63 00 e4 57 a5 o..........c..W. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03c0: 18 4a dc 60 b0 97 5d 67-34 96 bf a2 43 2b 7d 70 .J.`..]g4...C+}p |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03d0: d6 99 d2 31 d2 11 f4 f2-19 b8 0c 41 7d bf b1 7c ...1.......A}..| |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03e0: fb 31 cb 3e c2 0a e2 26-1a 7e 63 50 9b 62 c3 82 .1.>...&.~cP.b.. |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03f0: ca cd 36 82 0c 56 5f 26-f6 cc c6 6f 03 92 cc f5 ..6..V_&...o.... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0400: 6b 55 1a d6 92 f9 5b 59-18 c2 62 21 eb d8 a4 ea kU....[Y..b!.... |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0410: fd b6 3e f7 0e                                   ..>..            |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 1048 - <SPACES/NULS>
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server hello A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server certificate A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server key exchange A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server done A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write client key exchange A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write change cipher spec A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write finished A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 flush data
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 5/5 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 15 03 01 00 02                                   .....            |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 2/2 bytes from BIO#629160 [mem: 47855ad] (BIO dump follows)
Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 02 28                                            .(               |
[Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1782): OpenSSL: Read: SSLv3 read finished A
[Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1801): OpenSSL: Exit: failed in SSLv3 read finished A
[Wed May 24 07:03:54 2006] [info] SSL Proxy connect failed
[Wed May 24 07:03:54 2006] [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[Wed May 24 07:03:54 2006] [info] Connection to child 249 closed with abortive shutdown(server apacheserver:443, client j2eeserver)
[Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserver)
[<b>Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserve) from apacheserver ()
[Wed May 24 07:04:10 2006] [debug] ssl_engine_io.c(1523): OpenSSL: I/O error, 5 bytes expected to read on BIO#612610 [mem: 62ac80]
[Wed May 24 07:04:10 2006] [info] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : SSL input filter read failed.
[Wed May 24 07:04:10 2006] [debug] ssl_engine_kernel.c(1787): OpenSSL: Write: SSL negotiation finished successfully
[Wed May 24 07:04:10 2006] [info] Connection to child 249 closed with standard shutdown(server apacheserver:443, client apacheserver)
</b>

Kernel SSL configuration with java web server 6.1

Hello
I am trying to configure the kssl using ksslcfg on solaris 10 using the command :
# ksslcfg create -f pkcs11 -T "cid" -C "cid:Server-Cert" -p /opt/SUNWwbsvr/https-unfire02.miel.mot.com/config/password.conf -x 8080 443
but i get the error "no certs" for cid:Server-Cert.
Can anyone specify what can be the reason for the same.
Regards
Manik Gupta.

For these Solaris questions I recommend asking in one of the Solaris forums (click on 'Developer Forums' at the top and pick Solaris tab).

Weblogic 12.1.1 SSL error --No identity key/certificate entry was found under alias server_name in keystore path\ name .jks on server AdminServer

Hi guys,
I installed webloigic 12.1.1 on windows 2003(32-bit);
I was requested add SSL Configuration to console;
I'm using keytool; It is not first time I setup SSL on weblogic console, only version is different;
before I did susssessfully on weblogic 11g(10.3.2-10.3.5) using the same scenario;
My steps:
1.generate key;
keytool -keyalg RSA -genkey -v -alias <server_name> -keysize 2048 -storepass <pwd> -validity 762 -keystore <name>.jks
2. create cert
keytool -certreq -alias <server_name> -file file_name.csr -keystore <name>.jks
after send and return certificate 3 layers;
imported back;
--root--
keytool -importcert -v -noprompt -alias rootca.kbr.com -file root0.cer -keystore <name>.jks -trustcacerts
Enter keystore password:
Certificate was added to keystore
[Storing <name>.jks]
keytool -importcert -v -noprompt -alias rootca1.kbr.com -file root1.cer -keystore <name>.jks -trustcacerts
Enter keystore password:
Certificate was added to keystore
[Storing <name>.jks]
keytool -importcert -v -noprompt -alias <server_name> -file root2.cer -keystore <name>.jks -trustcacerts
Enter keystore password:
Certificate reply was installed in keystore
[Storing <name>.jks]
confufigured weblogic using conosole;
it looks like this in config.xml file
<ssl>
      <enabled>true</enabled>
      <listen-port>7002</listen-port>
      <server-private-key-alias><server_name></server-private-key-alias>
      <server-private-key-pass-phrase-encrypted>{AES}TIRM5RT26K8IZDevCNMexlWp3BuhZaFpi8HEgPaOCrU=</server-private-key-pass-phrase-encrypted>
    </ssl>
    <listen-address>34.64.3.9</listen-address>
    <key-stores>CustomIdentityAndCustomTrust</key-stores>
    <custom-identity-key-store-file-name>path<name>.jks</custom-identity-key-store-file-name>
    <custom-identity-key-store-type>JKS</custom-identity-key-store-type>
    <custom-identity-key-store-pass-phrase-encrypted>{AES}hiemEGOTrjIRvEOnn0+ODuNpWehBbrgb8fydImfyXV4=</custom-identity-key-store-pass-phrase-encrypted>
    <custom-trust-key-store-file-name>path<name>.jks</custom-trust-key-store-file-name>
    <custom-trust-key-store-type>JKS</custom-trust-key-store-type>
    <custom-trust-key-store-pass-phrase-encrypted>{AES}xzP2kU98nkVMNLdzMv7VRoRjoBQUTu5jjtlMLm87PHc=</custom-trust-key-store-pass-phrase-encrypted>
</server>
When I restart SSL , I see error in log file
Er<AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1381506732875>
<BEA-000297> <Inconsistent security configuration, weblogic.management.configuration.ConfigurationException: No identity key/certificate entry was found under alias <SERVER_NAME> in keystore path<name>.jks on server AdminServer>
Please help
I thought before if import certification get status Certificate reply was installed in keystore
it shouldn't be problem for weblogic use thsi certificate;

Compare your steps with the following
http://weblogic-wonders.com/weblogic/2011/05/25/ssl-configuration-for-weblogic-server/

SSL Configuration on 4.5.1 not working with 6.0SP1

In WL 4.5.1, this was all that was needed to enable SSL
weblogic.security.key.server=wcid-srp-mvc.der
weblogic.security.key.certificate=certificate.pem
In 6.0 SP1, I used this
<SSL Enabled="true" ListenPort="443" Name="SrpTest"
ServerCertificateChainFileName=""
ServerCertificateFileName="certificate.pem"
ServerKeyFileName="wcid-srp-mvc.der" TrustedCAFileName=""/>
and I get this error
<Jul 30, 2001 8:18:45 AM EDT> <Info> <WebLogicServer> <License allows
low streng
th (export) SSL.>
<Jul 30, 2001 8:18:45 AM EDT> <Alert> <WebLogicServer> <Security
configuration p
roblem with certificate file wcid-srp-mvc.der, java.lang.Exception:
Required fil
e wcid-srp-mvc.der which is specified by ServerKeyFileName, was not
found>
java.lang.Exception: Required file wcid-srp-mvc.der which is specified
by Server
KeyFileName, was not found
at
weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
enThread.java:152)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:382)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at
weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Jul 30, 2001 8:18:45 AM EDT> <Info> <Security> <Not listening for SSL,
java.io.
IOException: Security configuration problem with wcid-srp-mvc.der,
java.lang.Exc
eption: Required file wcid-srp-mvc.der which is specified by
ServerKeyFileName,
was not found.>
Any clues to how to get this up and running would be much appreciated. I
am in a major time crunch here.
Is the fix different when I am using DST instead of Verisign? I need to
get both the DST and Verisign issued certificates configures.
Thanks a bunch
Madhu

Earlier, it was a problem with the directory settings in the SSL properties.
Once I got that straightened, I get this error now.
<Jul 30, 2001 9:55:45 AM EDT> <Info> <WebLogicServer> <License allows low
streng
th (export) SSL.>
weblogic.security.CipherException: Incorrect block length 125 (modulus
length 12
8)
at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:167)
at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
at weblogic.security.X509.verifySignature(X509.java:243)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Jul 30, 2001 9:55:45 AM EDT> <Alert> <WebLogicServer> <Inconsistent
security co
nfiguration, weblogic.security.AuthenticationException: Incorrect block
length 1
25 (modulus length 128) possibly incorrect SSLServerCertificateChainFileName
set
for this server certificate>
weblogic.security.AuthenticationException: Incorrect block length 125
(modulus l
ength 128) possibly incorrect SSLServerCertificateChainFileName set for this
ser
ver certificate
at weblogic.security.X509.verifySignature(X509.java:251)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Jul 30, 2001 9:55:45 AM EDT> <Info> <Security> <Not listening for SSL,
java.io.
IOException: Inconsistent security configuration,
weblogic.security.Authenticati
onException: Incorrect block length 125 (modulus length 128) possibly
incorrect
SSLServerCertificateChainFileName set for this server certificate.>

Problems using 4096 bit SSL certificate with WebLogic Apache 2.2 plug-in

Hi,
'm using WebLogic 9.2 MP3 and Apache HTTP Server (version 2.2) Plug-In. For security reasons, I have SSL installed on both Apache and WebLogic. So Apache must communicate with WebLogic via https.
I get the following error when attempting to access WebLogic via Apache:
Internet Explorer cannot display the webpage
These are the last lines in wlproxy log:
Fri Feb 26 14:08:59 2010 <71212672221392> INFO: SSL is configured
Fri Feb 26 14:08:59 2010 <71212672221392> SSL Main Context not set. Calling InitSSL
Fri Feb 26 14:08:59 2010 <71212672221331> INFO: Initializing SSL library
I've found that the problem is caused by using a 4096 bit intermediate cert. When I include this 4096 bit cert in the file referenced by plugin parameter "TrustedCAFile", it is unable to load it. I've tested 4096 bit certs from a few different certificate authorities, and consistently see this problem, so I know the problem is not related to the specific certificate. If I use a 2048 bit intermediate certificate, everything works perfectly fine.
Do you know if there are limitations to the certificate length that the plug-in can use?

Yes 4096 bit Certificates are not supported by the plugin.
You can use up to 2048 bit.
There is a Bug which clearly mentions it.
I dont remember the Bug Number, but an Oracle Support person will be able to tell you.
Hope this helps.
Faisal Khan
Edited by: Faisal Khan on Feb 27, 2010 2:08 PM

Essbase configuration with weblogic application sever..

Hi dear all....
I have to install Essbase server and EAS on one server ..and configure with application server weblogic9.2 which is installed on another server..
How can i deploy EAS to application server (weblogic) which is on another server...

FIrst of all u should have firewall open then
if SSL is installed and should be configured while configuring
give the port number while config
i think these will help u

How to configure Oracle 10g Advanced Security to use SSL concurrently with

How to configure Oracle 10g Advanced Security to use SSL concurrently with database User names and passwords
In Oracle Advanced Security Documentation it is mentioned that i can use SSL concurrently with DB user names and passwords. But when i configure the client certificate on the client my DB connection is getting authenticated using the certificate, which out passing user id or password.
We want to connect to Oracle DB over SSL channel so that the data packets are not in clear text. Also we want the user to make a connection using user id and password.
Basically we want SSL with out authentication.
Need your expert advice

Read the documentation (I have given following links assuming you are running a 32 bit architecture)
Server installations:
http://www.oracle.com/pls/db102/to_toc?pathname=install.102%2Fb14316%2Ftoc.htm&remark=portal+%28Books%29
Client installations:
http://www.oracle.com/pls/db102/to_toc?pathname=install.102%2Fb14312%2Ftoc.htm&remark=portal+%28Books%29
You can find the required books (if not using 32 bit architecture) from
http://www.oracle.com/pls/db102/portal.portal_db?selected=3

JMS Foregin server configuration with two Weblogic 8.1 AS

Hi,
I have two Weblogic8.1 AS. Box 1 is configured with JMS connection factory and Topic. MDB is deployed on Box 2, which is configured to listen to Box1 JMS Topic. I am running session bean which is publishing JMS message to the Topic on Box1. Also, I have configured JMS foreign Server on Box2 pointing to Box1 connection factory and Topic.
MDB throws error "Destination not found", while deploying. I read somewhere in the net, that We need Weblogic with Clustering licence for configuring Foreign JMS Server.
Pls. help me.
Regards
Anand Bobade

hi... can you please send me the java code for messaging part ...... i want to know how you are sending
message from server and it is listened at different server?
I am also in same condition....I have configured JMS foreign server on box 1 .....on box2 my MDB is listening....
My problem is how do i send a message to a foreign queue which is inside JMS Foreign Server..... I am not able to give any JNDI name to this server... so please send me the code from which you are sending the Message.
Thanks in advance

How coherence 3.5 can be configured with weblogic

Hi Guys,
Can anyone help me, how to setup the coherence and configure with the weblogic server.
Thank you.

Basic setup is very simple. Include coherence.jar(coherence/lib/ ) in WebLogic system class path in startup script.
You can also refer here.
http://coherence.oracle.com/display/COH35UG/Installing+Oracle+Coherence
jayesh@yagna

After new weblogic domain configuration with oim 11g, not able to login

After new weblogic domain configuration with oim 11g, not able to login for the frist time as xelsysadm.
it says invalid sign in. and in logs it says password is invalid.
Please help me in asap...

Thanks Pallavi for the effort. I tried commenting out, its still the same. It do not throw exception this time. However, It tells me that the recon event is completed and linked to user. When I go to user's profile, I dont see the resource provisioned.
Also,
The Account ID in recon manager of Web Console and the Account ID that is stored in the tables, doesn't match.
I wrote a custom code to fetch account and user details and here is the output,
User Key : 13 -- has Login Id : USER_CS
Account with account key : 49 is with user key : [USER_CS]
Getting Account Data......
{UD_TEST_1P_EMPLOYEENUMBER=1567, UD_TEST_1P_NAME=Kim1}
However the Account Id in recon manager is : 91
This seems fine.
Doesn't this mean, the account is reconciled successfully?
The problem is that, I am not able to see this resource in User's resource profile.
Edited by: Shashi kiran on Apr 18, 2013 3:56 PM

Changing SSL configuration on MedRec

Hi,
We are developing a custom Auditing Provider for WLS. Our provider needs to communicate via https to a remote system, and thus we need to configure SSL in order to use the correct client certificate and trust the remote server's.
We are using the sample MedRec application bundled with WLS for testing purposes, but no matter what, we do not seem to be able to change the SSL configuration. We went to Home -> Servers -> MedRecServer(Admin) -> Configuration in the console, and then
* Keystores
* Custom Identity and Custom Trust + configure all the keystores pointing to our jks files
* SSL: point to our alias
But, when restarting the server, we see the following:
<Mar 6, 2007 11:45:21 AM CET> <Notice> <Security> <BEA-090169> <Loading trusted
certificates from the jks keystore file C:\dev\bea\WEBLOG~1\server\lib\DemoTrust
.jks.>Which seems to indicate that somehow MedRecServer is not acknowledging our configuration changes.
Our WL_HOME\samples\domains\medrec\config\config.xml looks like this:
<?xml version='1.0' encoding='UTF-8'?>
<domain xmlns="http://www.bea.com/ns/weblogic/920/domain" xmlns:sec="http://www.bea.com/ns/weblogic/90/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90/security/wls" xsi:schemaLocation="http://www.bea.com/ns/weblogic/90/security/extension http://www.bea.com/ns/weblogic/90/security.xsd http://www.bea.com/ns/weblogic/90/security/xacml http://www.bea.com/ns/weblogic/90/security/xacml.xsd http://www.bea.com/ns/weblogic/90/security http://www.bea.com/ns/weblogic/90/security.xsd http://www.bea.com/ns/weblogic/920/domain http://www.bea.com/ns/weblogic/920/domain.xsd http://www.bea.com/ns/weblogic/90/security/wls http://www.bea.com/ns/weblogic/90/security/wls.xsd">
<name>medrec</name>
<domain-version>9.2.0.0</domain-version>
<security-configuration>
    <name>medrec</name>
    <realm>
      <sec:auditor xmlns:ext="http://www.bea.com/ns/weblogic/90/security/extension" xsi:type="ext:secure-auditorType">
        <sec:name>Foo</sec:name>
        <ext:identifier>Test</ext:identifier>
        <ext:bea-audit-log-service-uri>hessian:https://it-sdm-nb:8443/ksuite/remoting/BEAAuditLogService-hessian</ext:bea-audit-log-service-uri>
      </sec:auditor>
      <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
      <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
        <sec:active-type>AuthenticatedUser</sec:active-type>
      </sec:authentication-provider>
      <sec:role-mapper xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
      <sec:authorizer xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
      <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
      <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
      <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
      <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
      <sec:name>myrealm</sec:name>
    </realm>
    <default-realm>myrealm</default-realm>
    <credential-encrypted>{3DES}I/3L8IhJVe+jq1vzXAXHODsFazm8NGROsfPVAaunGasgxJ6u41gpHbMAqA4pZSr2u1CWgoxiHR6z895y9Or+CDwkCmqAxJBq</credential-encrypted>
    <node-manager-username>weblogic</node-manager-username>
    <node-manager-password-encrypted>{3DES}HMxdWFl3juTr6BufJFg6WQ==</node-manager-password-encrypted>
</security-configuration>
<server>
    <name>MedRecServer</name>
    <ssl>
      <name>MedRecServer</name>
      <enabled>true</enabled>
      <listen-port>7012</listen-port>
      <server-private-key-alias>auditor</server-private-key-alias>
      <server-private-key-pass-phrase-encrypted>{3DES}tPlZGhoSkfnu0h93w1MeKw==</server-private-key-pass-phrase-encrypted>
    </ssl>
    <listen-port>7011</listen-port>
    <listen-address></listen-address>
    <key-stores>CustomIdentityAndCustomTrust</key-stores>
    <custom-identity-key-store-file-name>C:\dev\bea\weblogic92\server\lib\tomcat.keystore</custom-identity-key-store-file-name>
    <custom-identity-key-store-type>jks</custom-identity-key-store-type>
    <custom-identity-key-store-pass-phrase-encrypted>{3DES}tPlZGhoSkfnu0h93w1MeKw==</custom-identity-key-store-pass-phrase-encrypted>
    <custom-trust-key-store-file-name>C:\dev\bea\weblogic92\server\lib\tomcat.keystore</custom-trust-key-store-file-name>
    <custom-trust-key-store-type>jks</custom-trust-key-store-type>
    <custom-trust-key-store-pass-phrase-encrypted>{3DES}tPlZGhoSkfnu0h93w1MeKw==</custom-trust-key-store-pass-phrase-encrypted>
</server>
<embedded-ldap>
    <name>medrec</name>
    <credential-encrypted>{3DES}W+XDJAixeMZcbdmRm/jIF8u8ZMzBMLyGQpcjb1lWzlM=</credential-encrypted>
</embedded-ldap>
<configuration-version>9.2.0.0</configuration-version>
<admin-server-name>MedRecServer</admin-server-name>
</domain>You can see our Auditor provider configuration and the custom identity and trust sections, which look right.
I'm wondering if somehow the demo application is special in any way, or if we are missing some step to change the identity and trust configuration. Any ideas? Any further investigation clues?
Kind regards,
Alex

OK, we have been reading this:
http://e-docs.bea.com/wls/docs81/security/SSL_client.html
, so I think I need to make a few clarifications.
Our Auditing Provider communicates remotely with another system using remoting libraries (in this case, the Hessian library), which open SSL connections in the "usual JDK manner". In fact, when handshaking, we see a failure that has a stack trace like the following:
<Mar 6, 2007 3:59:36 PM CET> <Debug> <SecuritySSL> <000000> <Exception during ha
ndshake, stack trace follows
java.net.SocketException: socket write error: Connection aborted by peer
        at jrockit.net.SocketNativeIO.socketWrite(Ljava.io.FileDescriptor;[BII)V
(Unknown Source)
        at java.net.SocketOutputStream.socketWrite0(Ljava.io.FileDescriptor;[BII
)V(SocketOutputStream.java:???)
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
        at com.certicom.io.OutputSSLIOStream.write([BII)I(Unknown Source)
        at com.certicom.tls.record.WriteHandler.flushOutput()I(Unknown Source)
        at com.certicom.tls.record.handshake.HandshakeHandler.flush()V(Unknown S
ource)
        at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.hand
le(Lcom.certicom.tls.record.handshake.HandshakeMessage;)V(Unknown Source)
        at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMes
sage(Lcom.certicom.tls.record.handshake.HandshakeMessage;)V(Unknown Source)
        at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMes
sages([BILcom.certicom.tls.interfaceimpl.ProtocolVersion;)V(Unknown Source)
        at com.certicom.tls.record.MessageInterpreter.interpretContent([BIILcom.
certicom.tls.interfaceimpl.ProtocolVersion;)V(Unknown Source)
        at com.certicom.tls.record.MessageInterpreter.decryptMessage(II[BIILcom.
certicom.tls.interfaceimpl.ProtocolVersion;)V(Unknown Source)
        at com.certicom.tls.record.ReadHandler.processRecord()I(Unknown Source)
        at com.certicom.tls.record.ReadHandler.readRecord()I(Unknown Source)
        at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete()V(Unk
nown Source)
        at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake()V
(Unknown Source)
        at com.certicom.tls.record.WriteHandler.write([BII)I(Unknown Source)
        at com.certicom.io.OutputSSLIOStreamWrapper.write([BII)V(Unknown Source)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
        at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
        at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.j
ava:142)
        at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.
java:344)
        at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLC
onnection.java:32)
        at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection
.java:935)
        at com.caucho.hessian.client.HessianProxy.invoke(Ljava.lang.Object;Ljava
.lang.reflect.Method;[Ljava.lang.Object;)Ljava.lang.Object;(HessianProxy.java:??
        at $Proxy0.startup(JLjava.lang.String;Ljava.lang.String;)V(Unknown Sourc
e)
        at com.kroopier.bea.sap.utils.BeaAuditLogServiceSSLWrapper.startup(BeaAu
ditLogServiceSSLWrapper.java:43)
[/pre]
I guess that the Hessian library opens up a connection, actually using these certicom classes and not the usual https ssl client classes and then I should configure client certificates accordingly in the Certicom thing, but I'm unsure how to do that.
Any ideas?
Alex

Need some hel in SSL Configuration in R12

Hi All,
I am facing challenges in configuring SSL in R12. I am not able to get bigger picture of the SSL Configuration. If any body does this before please share you knowledge
Thanks in Advance.
Reddy

Hi Hussein
The below are the steps I am trying to implement.
Section 3 : Middle Tier Setup
The default location for the wallet in Release 12 is $INST_TOP/certs/Apache. This directory contains a wallet with demo certificates. If you wish to use these certificates for testing start with Step 8 below to configure SSL
Decided to test the application with demo certificates.
Step 8: Update the Context File.
Updated the context file as per the recommendations.
Step 9 - Run Autoconfig
Finished
Section 4: Database Tier Setup
Here I got confused. Whether to proceed or not ?
Thanks
Reddy

BOE ssl configuration

Hello,
I'm working on migrating our BOE XI R2 to BOE 3.1 SP2 on a new server (windows).
Before we were using iis and ssl setting was easy. Now on tomcat I'm having problems.
I'm not creating a new certificate I want to use a special one created for our domain from a 3rd party cert authority.
I don't know much about certificates.
so I have domain.cer domain.der domain.key domain.pem domain.pfx password.txt trustedcer.crt (root ceritiificate) files in d:\ssl folder.
From CCM I check the "enable the ssl"
and I try to fill below
SSL certificates folder=d:\ssl
server ssl certificate file=domain.cer
SSL trusted certificates file=trustedcer.crt
SSL private key file=domain.key
SSL private key passphrase file=password.txt
in tomcat configuration I use the same pattern.
Do I have to convert cer files to der.
Why this combination is not working how can I set the ssl.
Thank you

If yoour users are using the browser and no thick clients then it is all about configuring Tomcat for SSL. You can find plenty information about this in Internet or here https://css.wdf.sap.corp/sap/support/notes/1299147.
Regards,
Stratos

Weblogic 10.3.6 SSL configuration with Crt files

Similar Messages

Maybe you are looking for