Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

configuring ssl giving CipherException

0 views
Skip to first unread message

nivas

unread,
Dec 23, 2001, 7:37:25 AM12/23/01
to

after getting certificate from verisign i opened myserver and
on SSL tab gave the 1)Server Key File Name 2)Server Certificate File Name and
rest all with their default value.
but when i am restarting the weblogic it gives the following exception.
is it compulsory to specify
3) Server Certificate Chain File Name:....?


exception :---------
weblogic.security.CipherException: Incorrect encrypted block
at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:216)
at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
at weblogic.security.X509.verifySignature(X509.java:243)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
at weblogic.Server.main(Server.java:35)
<Dec 23, 2001 4:34:47 PM GST> <Alert> <WebLogicServer> <Inconsistent security
co
nfiguration, weblogic.security.AuthenticationException: Incorrect encrypted bloc
k possibly incorrect SSLServerCertificateChainFileName set for this server certi
ficate>
weblogic.security.AuthenticationException: Incorrect encrypted block possibly
in
correct SSLServerCertificateChainFileName set for this server certificate
at weblogic.security.X509.verifySignature(X509.java:251)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:443)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
at weblogic.Server.main(Server.java:35)

Sunnynani (Reply@ToNewsgroup.Only)

unread,
Dec 23, 2001, 3:37:44 PM12/23/01
to
Nivas,

ServerCeritificateChain file that is in place appears to be the wrong one.
That is CA's root certificate, which you can download from CA site (e.g.,
verisign)

"nivas" <ni...@india.com> wrote in message
news:3c25d005$1...@newsgroups.bea.com...

0 new messages