Tuesday, April 14, 2009

BAD_CERTIFICATE in startNodeManager.sh

<14-apr-2009>
javax.net.ssl.SSLKeyException: [Security:090482]BAD_CERTIFICATE alert was received from localhost - 127.0.0.1. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertReceived(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handle(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.ReadHandler.read(Unknown Source)
at com.certicom.io.InputSSLIOStreamWrapper.read(Unknown Source)
at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)
at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)
at java.io.InputStreamReader.read(InputStreamReader.java:167)
at java.io.BufferedReader.fill(BufferedReader.java:136)
at java.io.BufferedReader.readLine(BufferedReader.java:299)
at java.io.BufferedReader.readLine(BufferedReader.java:362)
at weblogic.nodemanager.server.Handler.run(Handler.java:66)
at java.lang.Thread.run(Thread.java:595)



try this:

http://e-docs.bea.com/wls/docs90/secmanage/ssl.html#1194397

and also
http://e-docs.bea.com/wls/docs90/ConsoleHelp/taskh...sableHostNameVerification.html

you should start weblogic.Server with the property:
-Dweblogic.security.SSL.ignoreHostnameVerification=true

in the startWeblogic.sh or whatever you use to start...


Also, try:

-Dweblogic.webservice.client.verbose=true
-Dweblogic.security.SSL.verbose=true
-Dssl.debug=true
-Dweblogic.StdoutDebugEnabled=true

Posted by vernetto at 7:18 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)