Sunday, September 25, 2022

FMW/WLS New Configuration with Latest JDK Failing to Start - ConfigException: Identity key store file not found: DemoIdentity.jks

Symptoms

When installing Oracle Fusion Middleware and/or Oracle WebLogic Server 12c, there is a "weblogic.nodemanager.common.ConfigException: Identity key store file not found" error looking for DemoIdentity.jks. This happens for both WebLogic Server and Nodemanager startup. Full error stacks included below:

WebLogic Server:

<Feb 6, 2018 10:16:38,503 PM JST> <Alert> <Security> <BEA-090165> <Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>
<Feb 6, 2018 10:16:38,504 PM JST> <Error> <WebLogicServer> <BEA-000297> <Inconsistent security configuration, weblogic.management.configuration.ConfigurationException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>
<Feb 6, 2018 10:16:38,504 PM JST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, weblogic.management.configuration.ConfigurationException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer.>
<Feb 6, 2018 10:16:38,505 PM JST> <Error> <Server> <BEA-002606> <The server is unable to create a server socket for listening on channel "DefaultSecure[iiops][5]". The address 127.0.0.1 might be incorrect or another process is using port 7002: java.io.IOException: Cannot find identity keystore file <DOMAIN_HOME>/security/DemoIdentity.jks on server AdminServer>

Nodemanager:

<Feb 6, 2018 9:58:31 PM JST> <INFO> <Loading identity key store: FileName=<DOMAIN_HOME>/security/DemoIdentity.jks, Type=jks, PassPhraseUsed=true>
<Feb 6, 2018 9:58:31 PM JST> <SEVERE> <Fatal error in NodeManager server>
weblogic.nodemanager.common.ConfigException: Identity key store file not found: <DOMAIN_HOME>/security/DemoIdentity.jks
at weblogic.nodemanager.server.SSLConfig.loadKeyStoreConfig(SSLConfig.java:225)
at weblogic.nodemanager.server.SSLConfig.access$000(SSLConfig.java:33)
at weblogic.nodemanager.server.SSLConfig$1.run(SSLConfig.java:118)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.nodemanager.server.SSLConfig.<init>(SSLConfig.java:115)
at weblogic.nodemanager.server.NMServer.<init>(NMServer.java:169)
at weblogic.nodemanager.server.NMServer.getInstance(NMServer.java:134)
at weblogic.nodemanager.server.NMServer.main(NMServer.java:589)
at weblogic.NodeManager.main(NodeManager.java:31)
 

Solution:

The following is simplified steps on Linux/UNIX platform. Please see above notes about details.  If you have run the Configuration already and you have applied the PSU, you will not need the -noskid option. 

> cd $ORACLE_HOME/wlserver/server/bin

> . ./setWLSEnv.sh (that is DOT SPACE DOT SLASH setWLSEnv.sh )

> cd $DOMAIN_HOME/security

> java utils.CertGen -keyfilepass DemoIdentityPassPhrase -certfile democert -keyfile demokey -strength 2048 -noskid

> java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile demokey.pem -keyfilepass DemoIdentityPassPhrase -certfile democert.pem -alias demoidentity

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)