Error of SSL certificate
adamfeng
I got your information from weblogic.developer.interest.security.
I have a question about the SSL certificate
1. I generate the private key file using Weblogic certificate servlet,
2. get the request, then goto thawte get the response
3. goto weblogic console -> server -> ssl, specify the filename, click "Enable", click "Key Encrypted"
4. change the startWeblogic.cmd, adding -Dpkpassword=adminadmin
But when I restart the weblogic, got the following error msg:
Starting WebLogic Server ....
<Sep 27, 2001 1:34:29 PM CST> <Notice> <Management> <Loading configuration file
.\config\citi1\config.xml ...>
<Sep 27, 2001 1:34:35 PM CST> <Notice> <WebLogicServer> <Starting WebLogic Admin
Server "server1" for domain "citi1">
<Sep 27, 2001 1:34:35 PM CST> <Alert> <WebLogicServer> <Security configuration p
roblem with certificate file adamfeng-key.der, java.lang.NullPointerException>
java.lang.NullPointerException
at weblogic.security.PKCS5.setPassword(PKCS5.java:173)
at weblogic.security.RSAPrivateKeyPKCS8.<init>(RSAPrivateKeyPKCS8.java:1
24)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:390)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr
Sujit More
Hi adam,
I wish to let u know that your ****-key.der file is not generated correctly. I
suppose you must have used Certificate Requeste Generator of WLS to generate the
key file and the request file.
please follow the following to get your system running:
(1) Generate a new certificate request making sure that you enter "yourmachine.domain.com"
in the Full Host name field within the certificate request generator. Fill all
the required values like the state should be filled in full not with abreviations
etc(do not fill the ones which are not required. That means do not fill the password
field and random string field...etc )then u will get a key file and the request
file..press the submit button on the same page to test the key file with Verisign..if
all fields are filled correctly then it says so..if not it will bounce back saying
an ERROR..so see to it that u get the right key file..i.e. ****;key.der file.
(2) Save the certificate request in a text file. (including the ----BEGIN CERTIFICATE
REQUEST-- and --END CERTIFICATE REQUEST--)
(3) Go to https://www.thawte.com/cgi/server/test.exe and paste the above request.
(4) Do *NOT* choose any other options as the default options are set correctly
(unless you are using a domestic build of the weblogic server which requires a
different license).
(5) Save the certificate obtained in a text file and save it as a .pem file
(6) Also save the root certificate obtained in the above URL (see the 2nd line
from the top) in .pem format and use this file against the ServerCertChain name.
(7) Make sure you enter the certificate key and server certificate fields with
the correct path to the key and cert (inclusive of the file names).
After having done the above steps restart the server and you should be able to
get SSL to work. Hope the above information
If not then mail me at su...@mediaocean.com.
Sujit.
adamfeng <feng_zh...@huateng.com> wrote:
>"hi, all,
>
> I got your information from weblogic.developer.interest.security.
> I have a question about the SSL certificate
>1. I generate the private key file using Weblogic certificate servlet,
>2. get the request, then goto thawte get the response
>3. goto weblogic console -> server -> ssl, specify the filename, click
>"Enable", click "Key Encrypted"
>4. change the startWeblogic.cmd, adding -Dpkpassword=adminadmin
>
>But when I restart the weblogic, got the following error msg:
>Starting WebLogic Server ....
><Sep 27, 2001 1:34:29 PM CST> <Notice> <Management> <Loading configuration
>file
>..\config\citi1\config.xml ...>