Tuesday, October 27, 2020

javax.net.ssl.SSLHandshakeException: General SSLEngine problem

  ERROR : 

Connecting to Node Manager ...

<Jun 15, 2020 8:47:01 PM EDT> <Info> <Security> <BEA-090905> <Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.>

<Jun 15, 2020 8:47:01 PM EDT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG128 to HMACDRBG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.>

<Jun 15, 2020 8:47:01 PM EDT> <Info> <Security> <BEA-090909> <Using the configured custom SSL Hostname Verifier implementation: weblogic.security.utils.SSLWLSHostnameVerifier$NullHostnameVerifier.>

This Exception occurred at Mon Jun 15 20:47:02 EDT 2020.

javax.net.ssl.SSLHandshakeException: General SSLEngine problem

Error: Error occurred while performing nmConnect : Cannot connect to Node Manager. : General SSLEngine problem

Use dumpStack() to view the full stacktrace :



SOLUTION : 


[user@node1 bin]$ cd $DOMAIN_HOME/bin

[appuser@node1 bin]$ ]$ cp node1-new-PKCS-12.p12 cert1.ccc cert2.ccc $JAVA_HOME/jre/lib/security

-bash: ]$: command not found

[user@node1 bin]$ ls node1-new-PKCS-12.p12 cert1.ccc cert2.ccc

node1-new-PKCS-12.p12  cert1.ccc  cert2.ccc

[user@node1 bin]$ ls -dl $JAVA_HOME/jre/lib/security

drwxr-xr-x 3 user wcc 10 Apr 21 10:43 $JAVA_HOME/jre/lib/security

[user@node1 bin]$ cp node1-new-PKCS-12.p12 cert1.ccc cert2.ccc $JAVA_HOME/jre/lib/security

[user@node1 bin]$ export JAVA_HOME=/<path>/jdk

[user@node1 bin]$ export PATH=$JAVA_HOME/bin:$PATH

[user@node1 bin]$ which java

$JAVA_HOME/bin/java

[user@node1 bin]$ cd $JAVA_HOME/jre/lib/security

[user@node1 security]$

[user@node1 security]$ keytool -importkeystore -deststorepass password -destkeystore cacerts -srckeystore node1-new-PKCS-12.p12 -srcstoretype PKCS12

Importing keystore node1-new-PKCS-12.p12 to cacerts...

Enter source keystore password:

Entry for alias node1 successfully imported.

Import command completed:  1 entries successfully imported, 0 entries failed or cancelled


Warning:

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore cacerts -destkeystore cacerts -deststoretype pkcs12".

[user@node1 security]$

You have new mail in /var/spool/mail/user

[user@node1 security]$

[user@node1 security]$

[user@node1 security]$ keytool -import  -trustcacerts -alias ******* -file cert1.ccc -keystore cacerts -storepass password

Certificate was added to keystore


Warning:

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore cacerts -destkeystore cacerts -deststoretype pkcs12".

[user@node1 security]$


START OHS NOW

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)