Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Sample for setting up SSL in WLS 7 SP4??

0 views
Skip to first unread message

Markus

unread,
Dec 19, 2003, 4:07:24 AM12/19/03
to

Hi!
Can someone provide me the steps to configure a simple one-way-SSL connection
(certification) with WLS 7 SP4 on Windows 2000 using the developer edition?

All my tries to configure it on my own were not successful -> receiving the execption:

<19.12.2003 09:42:20 CET> <Debug> <TLS> <000000> <Using 6.x configuration for
SSL Server PrivateKey>
<19.12.2003 09:42:20 CET> <Debug> <TLS> <000000> <SSLManager.getServerCertificate()>
<19.12.2003 09:42:20 CET> <Alert> <WebLogicServer> <000297> <Inconsistent security
configuration, ja
va.security.KeyManagementException: ASN.1: Unxpected ASN.1 tag>
java.security.KeyManagementException: ASN.1: Unxpected ASN.1 tag
at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentityPartial(Unknown
S
ource)
at com.certicom.net.ssl.CerticomContextWrapper.inputCertChain(Unknown
Source)
at weblogic.security.utils.SSLCertUtility.inputCertificateChain(SSLCertUtility.java:277)
at weblogic.security.service.SSLManager.getServerCertificate(SSLManager.java:319)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:154)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1556)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:891)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:300)
at weblogic.Server.main(Server.java:32)

Well, the documentation didn't help much. It oftens refers to a "CompatibiltyRealm"
which I cannot find in the developer edition!! Turning on the SSL debug flag,
Weblogic tells me I am using a "6.x SSL configuration" ... I don't know why WebLogic
is using this configuration. I simply generated my certificates by uing the "Certificate
Request Generator Servlet" ...

Since many people are having the same problem, it would be great if someone can
describe the steps or point to a place where the steps are described (just for
a simple example!!) :)

Thanks so much!

Peter

unread,
Dec 21, 2003, 8:11:06 AM12/21/03
to

"Markus" <markus....@bank-verlag.de> wrote in message
news:3fe2...@newsgroups.bea.com...

>
> Hi!
> Can someone provide me the steps to configure a simple one-way-SSL
connection
> (certification) with WLS 7 SP4 on Windows 2000 using the developer
edition?
>

A previous post with the same call stack and error had the following
suggestion.

According to the stack the SSL server thread failed to initialize at the WL
server
boot time because it could not read the private key. Make sure the key file
is
valid. The pem file with the key must starts with:
-----BEGIN ENCRYPTED PRIVATE KEY-----
Make sure the private key password that you pass on the command line is
correct:

-Dweblogic.management.pkpassword=<pwd>

Pavel.


0 new messages