Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Setting up SSL on WL7

0 views
Skip to first unread message

Rajendran Nair

unread,
Nov 17, 2002, 5:05:25 PM11/17/02
to
I am trying to set up SSL on WL7, and I used the certgen utility to
generate the key and the certificate. But I do not know what I must
use for the trusted ca file name. I tried out the following
combination:

Server Certificate File Name: xyz.pem (the name of my certificate
file)
Server Key File Name: abc.pem (the name of my private key file)
Trusted CA File Name: trusted-ca.pem (the default value)

When I start my server, I get this exception:
<Nov 17, 2002 2:03:14 PM PST> <Alert> <WebLogicServer> <000297>
<Inconsistent security configuration
, java.security.KeyManagementException>
java.security.KeyManagementException
at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentityPartial(Unknown
S
ource)
at com.certicom.net.ssl.CerticomContextWrapper.inputPrivateKey(Unknown
Source)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:425)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:288)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1519)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:858)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:294)
at weblogic.Server.main(Server.java:31)

I used a password when I generated my key using the certgen utility.
Do I need to provide this password to WL? How do I provide it?

rajendran

gou...@hotmail.com

unread,
Nov 17, 2002, 8:07:31 PM11/17/02
to

Hello,
First of all you need to get a trusted certificate root file name from the
company (ex. verisign) where you got the certificate. Also if you have used password
on the certificate then you must enter that in your startweblogic.cmd file.
Don't forget to select "Key Encrypted" under SSL option of server tab in console.
I hope this helps. Verisign provides you with a test root certificate which
you need to install on you machine. If you have real one then they provide you
with a real root certicate. Make sure you take care of text vs. binary certicates
as you have to name the file with proper extension.
-Goutam

Rajendran Nair

unread,
Nov 18, 2002, 9:41:22 AM11/18/02
to
Goutam

I am not sure I understand... I used the weblogic certgen utility to
generate a demonstration key and certificate. Can I use a trusted
certificate root file name from verisign with this key?

rajendran

<gou...@hotmail.com> wrote in message news:<3dd83d53$1...@newsgroups.bea.com>...

0 new messages