weblogic certificate import issue
I am using jdk 1.8 for weblogic 12.2.1.3 with the SOA suite. I have to import one certificate from the webserver to the application server. I have downloaded the certificate from the webserver and tried to import it in default cacerts
. Path is /u01/oracle/products/jdk/jre/lib/security/cacerts
My certificate is imported as I am getting a message saying certificate is added. But when i am trying to call the soap URL I am getting an error as below
<bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://stageosb.au.ar/restricted/soasession" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So I went to check the certificate I have imported by listing them with alias name with below command
keytool -list -v -keystore cacerts -storepass changeit | grep "Alias name:"
I got list of certificates installed. In that list I saw my certificate also mentioned there with one weird thing: All certificates installed from previously have jdk
at the end. But for my certificates which I am importing it is not showing jdk
at last of it. please see below
Alias name: popcasca
Alias name: verisignclass1g2ca [jdk]
Alias name: comodoaaaca [jdk]
Alias name: geotrustprimarycag2 [jdk]
Alias name: globalsignr3ca [jdk]
popcasca is my certificate installed in cacerts but there is no jdk
mentioned here. What could be the reason for this. Any help.
Regards
java ssl ssl-certificate soa weblogic12c
add a comment |
I am using jdk 1.8 for weblogic 12.2.1.3 with the SOA suite. I have to import one certificate from the webserver to the application server. I have downloaded the certificate from the webserver and tried to import it in default cacerts
. Path is /u01/oracle/products/jdk/jre/lib/security/cacerts
My certificate is imported as I am getting a message saying certificate is added. But when i am trying to call the soap URL I am getting an error as below
<bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://stageosb.au.ar/restricted/soasession" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So I went to check the certificate I have imported by listing them with alias name with below command
keytool -list -v -keystore cacerts -storepass changeit | grep "Alias name:"
I got list of certificates installed. In that list I saw my certificate also mentioned there with one weird thing: All certificates installed from previously have jdk
at the end. But for my certificates which I am importing it is not showing jdk
at last of it. please see below
Alias name: popcasca
Alias name: verisignclass1g2ca [jdk]
Alias name: comodoaaaca [jdk]
Alias name: geotrustprimarycag2 [jdk]
Alias name: globalsignr3ca [jdk]
popcasca is my certificate installed in cacerts but there is no jdk
mentioned here. What could be the reason for this. Any help.
Regards
java ssl ssl-certificate soa weblogic12c
add a comment |
I am using jdk 1.8 for weblogic 12.2.1.3 with the SOA suite. I have to import one certificate from the webserver to the application server. I have downloaded the certificate from the webserver and tried to import it in default cacerts
. Path is /u01/oracle/products/jdk/jre/lib/security/cacerts
My certificate is imported as I am getting a message saying certificate is added. But when i am trying to call the soap URL I am getting an error as below
<bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://stageosb.au.ar/restricted/soasession" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So I went to check the certificate I have imported by listing them with alias name with below command
keytool -list -v -keystore cacerts -storepass changeit | grep "Alias name:"
I got list of certificates installed. In that list I saw my certificate also mentioned there with one weird thing: All certificates installed from previously have jdk
at the end. But for my certificates which I am importing it is not showing jdk
at last of it. please see below
Alias name: popcasca
Alias name: verisignclass1g2ca [jdk]
Alias name: comodoaaaca [jdk]
Alias name: geotrustprimarycag2 [jdk]
Alias name: globalsignr3ca [jdk]
popcasca is my certificate installed in cacerts but there is no jdk
mentioned here. What could be the reason for this. Any help.
Regards
java ssl ssl-certificate soa weblogic12c
I am using jdk 1.8 for weblogic 12.2.1.3 with the SOA suite. I have to import one certificate from the webserver to the application server. I have downloaded the certificate from the webserver and tried to import it in default cacerts
. Path is /u01/oracle/products/jdk/jre/lib/security/cacerts
My certificate is imported as I am getting a message saying certificate is added. But when i am trying to call the soap URL I am getting an error as below
<bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://stageosb.au.ar/restricted/soasession" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So I went to check the certificate I have imported by listing them with alias name with below command
keytool -list -v -keystore cacerts -storepass changeit | grep "Alias name:"
I got list of certificates installed. In that list I saw my certificate also mentioned there with one weird thing: All certificates installed from previously have jdk
at the end. But for my certificates which I am importing it is not showing jdk
at last of it. please see below
Alias name: popcasca
Alias name: verisignclass1g2ca [jdk]
Alias name: comodoaaaca [jdk]
Alias name: geotrustprimarycag2 [jdk]
Alias name: globalsignr3ca [jdk]
popcasca is my certificate installed in cacerts but there is no jdk
mentioned here. What could be the reason for this. Any help.
Regards
java ssl ssl-certificate soa weblogic12c
java ssl ssl-certificate soa weblogic12c
edited Nov 15 '18 at 10:21
Ashish Kamble
725620
725620
asked Nov 15 '18 at 5:52
Amit PrasadAmit Prasad
64
64
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Your server will be referring to DemoTrust.jks. So just updating cacerts will not help.
You need to remove below line from setDomainEnv[.cmd|.sh].
“-Djavax.net.ssl.trustStore=%WL_HOME%serverlibDemoTrust.jks”
For more details refer: https://sswaro.wordpress.com/pkix-path-building-failed-in-soa/
add a comment |
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53313219%2fweblogic-certificate-import-issue%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Your server will be referring to DemoTrust.jks. So just updating cacerts will not help.
You need to remove below line from setDomainEnv[.cmd|.sh].
“-Djavax.net.ssl.trustStore=%WL_HOME%serverlibDemoTrust.jks”
For more details refer: https://sswaro.wordpress.com/pkix-path-building-failed-in-soa/
add a comment |
Your server will be referring to DemoTrust.jks. So just updating cacerts will not help.
You need to remove below line from setDomainEnv[.cmd|.sh].
“-Djavax.net.ssl.trustStore=%WL_HOME%serverlibDemoTrust.jks”
For more details refer: https://sswaro.wordpress.com/pkix-path-building-failed-in-soa/
add a comment |
Your server will be referring to DemoTrust.jks. So just updating cacerts will not help.
You need to remove below line from setDomainEnv[.cmd|.sh].
“-Djavax.net.ssl.trustStore=%WL_HOME%serverlibDemoTrust.jks”
For more details refer: https://sswaro.wordpress.com/pkix-path-building-failed-in-soa/
Your server will be referring to DemoTrust.jks. So just updating cacerts will not help.
You need to remove below line from setDomainEnv[.cmd|.sh].
“-Djavax.net.ssl.trustStore=%WL_HOME%serverlibDemoTrust.jks”
For more details refer: https://sswaro.wordpress.com/pkix-path-building-failed-in-soa/
answered Jan 22 at 19:37
Datta1Datta1
111
111
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53313219%2fweblogic-certificate-import-issue%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown