weblogic6.0SP2 SSL encryption on Solaris

[Ellen]

Hi,

I applied a Verisign test certificate using http: //hostname:7001/certificate,
after I installed my weblogic server to domestic version(with 128-bit license
in weblogic root before installing software itself).

But I got exception which I append at the end of this email, after I started weblogic
server.

Does this mean the test certificate I got from Verisign is not 128-bit(and inconsistent
with my weblogic version 128-bit)?

How can I generate a Verisign 128-bit test certificate then? I didn't find any
option for encryption when I filling out Verisign application form. I guess CSR
generator of weblogic domestic version is 128-bit by default. Any reason why the
certificate Verisign send to me is not?

Thanks a lot!
Ellen

Here is the error message:
No assurances (C)VS1997 , key =
modulus length=129 exponent length=3>
weblogic.security.CipherException: Incorrect block length 64 (modulus length
128)
at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:167)
at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
at weblogic.security.X509.verifySignature(X509.java:243)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:440)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)

[Yeshwant]

when you generate the CSR using http: //hostname:7001/certificate/
one of the options it gives is the strength 512,768 1024
You have to choose 1024 to get the 128 bit cert.
In additin if your private key is password protected then you have to check a similar
option under the ssl tab in the console {use encrypted keys} and also supply the pk pasword
in the startup script via a system property -D weblogic.management.pkpassword =value

yeshwant

[Ellen]

Thanks.