hi there
I am configuring ssl on weblogic7 I followed following procedure
1) I had used certificate servlet to generate CSR it has also create privatekey
file in der format
2) versign sent me a trail certificate
3) I had used der2pem to convert privatekey file to pem format
4) In config.xml i had specified
private key file name as : pem format file which I had created as above
Certificate key file name: pem format file which i recieved from verrsing
I am getting following exception:
ServerKeyFileName attribute.>
<Apr 30, 2004 12:18:39 AM IST> <Alert> <WebLogicServer> <000297> <Inconsistent
security configuration, java.lang.Exception: The Server was unable to find the
server's private key on server myserver in the file specified by the SSL ServerKeyFileName
attribute.>
java.lang.Exception: The Server was unable to find the server's private key on
server myserver in the file specified by the SSL ServerKeyFileName attribute.
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:419)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:288)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1519)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:858)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:294)
at weblogic.Server.main(Server.java:31)
-----BEGIN ENCRYPTED PRIVATE KEY-----
-----END ENCRYPTED PRIVATE KEY-----
The file based SSL configuration has been deprecated in 7.0, but if you want to
keep your certs, key in the flat files you'll need to specify the private key
password on the command line in weblogic.management.pkpassword property. If you
decide to use keystores, you'll need to import your key and certificate into a
keystore, and configure the server to use it. Search documentation for utils.ImportPrivateKey,
which is the tool for importing the private key. The CA certificates can be imported
with the Sun keytool.
Pavel.
I did as you said above only to get following error
<Apr 30, 2004 10:58:15 AM IST> <Alert> <WebLogicServer> <000297> <Inconsistent
s
ecurity configuration, java.security.KeyManagementException: ASN.1: Unxpected
AS
N.1 tag>
java.security.KeyManagementException: ASN.1: Unxpected ASN.1 tag
at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdent
ityPartial(Unknown Source)
at com.certicom.net.ssl.CerticomContextWrapper.inputPrivateKey(Unknown
S
ource)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:425)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:288)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1519)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:858)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:294)
at weblogic.Server.main(Server.java:31)
<Apr 30, 2004 10:58:15 AM IST> <Emergency> <Security> <090034> <Not listening
fo
r SSL, java.io.IOException: Inconsistent security configuration, java.security.K
Pavel.