Sunday, September 25, 2022

FMW/WLS New Configuration with Latest JDK Failing to Start - ConfigException: Identity key store file not found: DemoIdentity.jks

Symptoms

When installing Oracle Fusion Middleware and/or Oracle WebLogic Server 12c, there is a "weblogic.nodemanager.common.ConfigException: Identity key store file not found" error looking for DemoIdentity.jks. This happens for both WebLogic Server and Nodemanager startup. Full error stacks included below:

WebLogic Server:

<Feb 6, 2018 10:16:38,503 PM JST> <Alert> <Security> <BEA-090165> <Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>
<Feb 6, 2018 10:16:38,504 PM JST> <Error> <WebLogicServer> <BEA-000297> <Inconsistent security configuration, weblogic.management.configuration.ConfigurationException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>
<Feb 6, 2018 10:16:38,504 PM JST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, weblogic.management.configuration.ConfigurationException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer.>
<Feb 6, 2018 10:16:38,505 PM JST> <Error> <Server> <BEA-002606> <The server is unable to create a server socket for listening on channel "DefaultSecure[iiops][5]". The address 127.0.0.1 might be incorrect or another process is using port 7002: java.io.IOException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>

Nodemanager:

<Feb 6, 2018 9:58:31 PM JST> <INFO> <Loading identity key store: FileName=<DOMAIN_HOME>/security/DemoIdentity.jks, Type=jks, PassPhraseUsed=true>
<Feb 6, 2018 9:58:31 PM JST> <SEVERE> <Fatal error in NodeManager server>
weblogic.nodemanager.common.ConfigException: Identity key store file not found: <DOMAIN_HOME>/security/DemoIdentity.jks
at weblogic.nodemanager.server.SSLConfig.loadKeyStoreConfig(SSLConfig.java:225)
at weblogic.nodemanager.server.SSLConfig.access$000(SSLConfig.java:33)
at weblogic.nodemanager.server.SSLConfig$1.run(SSLConfig.java:118)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.nodemanager.server.SSLConfig.<init>(SSLConfig.java:115)
at weblogic.nodemanager.server.NMServer.<init>(NMServer.java:169)
at weblogic.nodemanager.server.NMServer.getInstance(NMServer.java:134)
at weblogic.nodemanager.server.NMServer.main(NMServer.java:589)
at weblogic.NodeManager.main(NodeManager.java:31)
 

Solution:

The following is simplified steps on Linux/UNIX platform. Please see above notes about details.  If you have run the Configuration already and you have applied the PSU, you will not need the -noskid option. 

> cd $ORACLE_HOME/wlserver/server/bin

> . ./setWLSEnv.sh (that is DOT SPACE DOT SLASH setWLSEnv.sh )

> cd $DOMAIN_HOME/security

> java utils.CertGen -keyfilepass DemoIdentityPassPhrase -certfile democert -keyfile demokey -strength 2048 -noskid

> java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile demokey.pem -keyfilepass DemoIdentityPassPhrase -certfile democert.pem -alias demoidentity

Posted by at No comments:

Installing Oracle Weblogic 14c (14.1.1) in linux.

Creating users and groups

As root, run the following commands to create the Oracle user and groups:

# sudo -i

The below commands must be executed as root.

Add the groups required by Oracle.

Create the Oracle Inventory group:

# groupadd oinstall

Create the Oracle DBA group:

# groupadd dba

Create the home directory for the Oracle user:

# mkdir /home/oracle/

Create the directory for installing Oracle:

# mkdir -p /u01/app/oracle

Then create the Oracle user account that is a member of the dba group, has the /home/oracle/ home directory and uses /bin/bash as the default shell:

# useradd -g oinstall -G dba -d /home/oracle -s /bin/bash oracle

Set the password for the oracle user (don’t forget this password):

# passwd oracle

Set the oracle user as the owner of the Oracle home directory and Oracle installation directory. The oracle user is a member of the oinstall group.

# chown -R oracle:oinstall /home/oracle

# chown -R oracle:oinstall /u01/app/oracle

Create the directory for Oracle Inventory:

# mkdir -p /u01/app/oraInventory

Set the oracle user as the owner for the Oracle Inventory directory:

# chown -R oracle:oinstall /u01/app/oraInventory
# chmod -R 775 /u01
======================================

Installing Oracle Weblogic Server 14c:

Switch to oracle user.

# su - oracle

Edit .bash_profile of oracle user in vim text editor.

$ vi .bash_profile

Add following environment variables in this file.

export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/14.1.1
export MW_HOME=$ORACLE_HOME
export WLS_HOME=$MW_HOME/wlserver
export DOMAIN_BASE=$ORACLE_HOME/user_projects/domains
export DOMAIN_HOME=$DOMAIN_BASE/base_domain

Execute the .bash_profile script to set environment variables for current Linux shell.

$ . ~/.bash_profile

Execute unzip command to extract Weblogic Generic Installer.

$ unzip fmw_14.1.1.0.0_wls_lite_Disk1_1of1.zip
Archive:  fmw_14.1.1.0.0_wls_lite_Disk1_1of1.zip
  inflating: fmw_14.1.1.0.0_wls_lite_generic.jar

Execute the Generic Installer JAR file by using following java command.

$ java -jar fmw_14.1.1.0.0_wls_lite_generic.jar
Launcher log file is /tmp/OraInstall2022-09-25_05-32-40PM/launcher2022-09-25_05-32-40PM.log.
Extracting the installer . . . . . . Done
 
Checking if CPU speed is above 300 MHz.   Actual 2111.999 MHz    Passed
Checking monitor: must be configured to display at least 256 colors.   Actual 16777216    Passed
Checking swap space: must be greater than 512 MB.   Actual 923 MB    Passed
Checking temp space: must be greater than 300 MB.   Actual 7497 MB    Passed
 
Preparing to launch the Oracle Universal Installer from /tmp/OraInstall2022-09-25_05-32-40PM
Log: /tmp/OraInstall2022-09-25_05-32-40PM/install2022-09-25_05-32-40PM.log

If you are installing on a Linux server with no graphical support, then you have to configure X11 forwarding by using PuTTY and XMing to get the graphical output at client console.

03-orainventory-setup

Set the OraInventory directory and click on ‘Next’ button.

04-welcome-screen

You are on the welcome page. Click on ‘Next’.

05-configure-auto-update

Select ‘Skip Auto Updates’ and click ‘Next’.

06-weblogic-installation-location

Set the Oracle Home directory here and move to ‘Next’ screen.

07-choose-installation-type

Select the components that you want to install on your application server. You can either install Weblogic Server, Coherence or both.

08-weblogic-prerequisites-checks

Click on ‘Next’.

09-weblogic-installation-summary

Click on ‘Install’ button.

10-weblogic-installation-progress

Click on ‘Next’.

11-weblogic-installation-complete

Uncheck ‘Automatically Launch the Quickstart Configuration Wizard’ and click on ‘Finish’.

 

Post-Installation Configurations:

If you are planning to deploy a Fusion Middleware product over your WebLogic application server, then you must skip the configuration step. Because the configurations will be performed by the respective FMW product.

Otherwise, you can configure WebLogic Server by executing following script.

$ /u01/app/oracle/product/14.1.1/oracle_common/common/bin/config.sh

12-weblogic-create-domain

Create a Domain for your Weblogic application server.

13-templates

Select a template to create the domain. Click ‘Next’.

14-weblogic-administrative-account

Set a strong password for Weblogic Server administrative user.

15-domain-mode-and-jdk

Select the Domain Mode and JDK for your Application Server.

16-weblogic-advanced-configurations

Click on ‘Next’.

17-wls-configuration-summary

Click on ‘Create’.

18-wls-configuration-progress

Click on ‘Next’.

19-wls-end-of-configurations

Click on ‘Finish’.

WebLogic Server has been configured successfully.

To grant access of your application server to network clients, allow the default service port of WebLogic server in Linux firewall.

# firewall-cmd --permanent --add-port=7001/tcp
success
# firewall-cmd --reload
success

Whenever you start the Weblogic service, it will always ask you for a username / password.

To automate it, you can define the credentials in boot.properties file.

$ mkdir -p $DOMAIN_HOME/servers/AdminServer/security/
$ echo "username=weblogic" > $DOMAIN_HOME/servers/AdminServer/security/boot.properties
$ echo "password=weblogic123" >> $DOMAIN_HOME/servers/AdminServer/security/boot.properties

Start the Oracle Weblogic Server 14c by executing following script.

$ $DOMAIN_HOME/startWebLogic.sh &

Browse URL https://192.168.1.9:7001/console in a web browser

20-wls-administrative-console-login

Login as Administrative user.

21-wls-dashboard

You have reached at the Weblogic Administrative Console.

 

 

 

 

Posted by at No comments:
Subscribe to: Posts (Atom)