Basically, I get "EOFException" or "IOException: Lengh is too big" when the server
starts. Please let me know what is the necessary steps.
Here are the steps I followed:
1) https://<mydomain>/certificate/CertificateServlet which generated the 3 files
below.
<mydomain>-request.dem
<mydomain>-request.pem
<mydomain>-key.der
2) Obtained a digital certificate from VeriSign (<mydomain>.pem), and stored in
\wlserver6.0\config\mydomain
Question: Should it be specified as "Server Certificate File Name"?
3) Using the console, I specified...
Server Key File Name: <mydomain>-key.der
Server Certificate File Name: <mydomain>-request.dem
Server Certificate Chain File Name: <mydomain>-request.pem
4) Added -D Dweblogic.management.pkpassword=<passwd> in startup script.
5) And restarted the server.
=======RESULT=======
<Aug 27, 2001 1:33:27 PM PDT> <Alert> <WebLogicServer> <Security configuration
problem with certificate file <domain>-key.der, java.io.EOFException>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:394)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
6) So, I checked "Use Encrypted Keys" as some article suggested, and got the different
result.
=======RESULT=======
java.io.IOException: Length is too big: takes 93 bytes
at weblogic.security.ASN1.ASN1Header.inputLength(ASN1Header.java:148)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:120)
at weblogic.security.X500Name.input(X500Name.java:58)
at weblogic.security.X509.input(X509.java:134)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.java:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Aug 27, 2001 1:31:25 PM PDT> <Alert> <WebLogicServer> <Inconsistent security
configuration, weblogic.security.KeyManagementException: java.io.IOException:
Length is too big: takes 93 bytes>
weblogic.security.KeyManagementException: java.io.IOException: Length is too big:
takes 93 bytes
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.java:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
PLEASE HELP ME! Thanks.
In order to solve it you need to do:
Server Key File Name: <mydomain>-key.der
Server Certificate File Name: <your-certificate-file-from-verisign>
Server Certificate Chain File Name: <virisign-sertificate> (download from verisign
site)
Also try don't use password in your request to verisign and don't specify -D Dweblogic.management.pkpassword=<passwd>
NOTE - Weblogic Server 6.1 has a problem with the CSR generated key and has
supplied a wlkeytool utility program. This is not very well documented and
really shouldn't be a problem. I would rather have it simply work.
Terry Trippany
Chicago
However, I would imagine that
"Igor Vinnikov" <vin...@rambler.ru> wrote in message
news:3b8e02f3$1...@newsgroups.bea.com...