Current Position:Home > Problems when setting SSL for a MQSeries Adapter

Problems when setting SSL for a MQSeries Adapter

Update:10-11Source: network consolidation
Advertisement
I'm trying to enable SSL and so far these are the steps I've done:
- I've been using the DemoIdentity.jks and DemoTrust.jks files located under <MIDDLEWARE_HOME>\wlserver_10.3\server\lib for all my certificate operations.
- I created a PrivateKey and imported it to my DemoIdentity store, created a certificate request and when I got the response imported it back using the same alias. Something I want to highlight here is that when I created the PrivateKey I left the password field empty so it supposed inherit the keystore's.
- I also imported the CA cert into the DemoTrust.jks
My MQAdapter is all set and when I used it with no SSL it was working just fine so I think I have the problem isolated.
Anyway, now when I try to connect this is what I'm getting in the logs:
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionMa
nager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java
:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyM
anagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit
(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(Man
agedConnectionImpl.java:670)
Googling this it seems like it's a problem with the keystore and private key passwords being different but I changed the private key's to match the keystore (something that I shouldn't be necessary because of the keytool's default behavior when generating the key) with no positive results.
Anyway, any ideas would be really appreciated. I've been spinning my wheels on this issue for 3 days now.
BTW, here's I'm using Oracle SOA11g.

The Best Answer

Advertisement
Hello MV,
I don't need to access my console through SSL as this is not part of what I'm trying to do.This will confirm whether SSL has been enabled on your weblogic. In your case it seems that SSL has not been enabled.
the demo keystore and truststore are regular stores and I was able to successfully import certificates into them using keytool.Demo keystores are not recommended to be used in production. Moreover DemoIdentity.jks already has a private (secret) key so importing another key may cause an issue. I don't think any application server supports multiple private keys for SSL.
I'll go ahead anyway and create a brand new set of keystores just to rule out that's not the problem here.Please test with new custom keystores and let us know the results.
Regards,
Anuj
  • Problems when setting SSL for a MQSeries Adapter Update:10-11

    I'm trying to enable SSL and so far these are the steps I've done: - I've been using the DemoIdentity.jks and DemoTrust.jks files located under <MIDDLEWARE_HOME>\wlserver_10.3\server\lib for all my certificate operations. - I created a PrivateKey an

  • Problem enabling SSL on a MQSeries Adapter Update:10-11

    I'm trying to enable SSL and so far these are the steps I've done: - I've been using the DemoIdentity.jks and DemoTrust.jks files located under <MIDDLEWARE_HOME>\wlserver_10.3\server\lib for all my certificate operations. - I created a PrivateKey an

  • Client Auth  and SSL with Seeburger AS2 adapter Update:10-11

    Hello All, We are using the Seeburger AS2 adapter in our landscape and I am in the process of setting the same up and have made quite some progress in all my issues. and I  hope that you will be able to help me out. 1. Server SSL on Receiver AS2 adap

  • Configure SSL in J2SE Plain adapter Update:10-11

    I tryed to configure SSL in J2SE Plain adapter. (7.0) I've generated a certificate file "certif_file.cer" and while I put in GUIBrowserEngine Property File the following line: HTTP.SSLcertificate=F:\tech_adapter_70\certif_file.cer I've got the f

  • Mqseries adapter on platform domain Update:11-30

    I've got a problem with BEA WebLogic Adapter for MQSeries, release 7.0. I'm using Platform Domain and when I try to test the adapter I get this kind of errors: ERROR [MQService] WMQService: {4.2} NoClassDef exception processing agent XDMQEmitAgent: c

  • Problem reading JMS message received from MQSeries Update:11-30

    I have a message listener listening on an MQSeries queue. I'm expecting a text message back, but what I get is partially listed below. Any idee's to what I need to do would be greatly received. thanks JMS Message class: jms_bytes JMSType: null JMSDel

  • HT4060 iPad will not charge if hooked by USB to pc or plugged into wall.  How do I know if the problem is with iPad, cable or power adapter.  I have a 12, 10 and 5W adapters no success with any.  Only one lightening cable so can't swap cables. Update:10-11

    iPad will not charge if hooked by USB to pc or plugged into wall.  How do I know if the problem is with iPad, cable or power adapter.  I have a 12, 10 and 5W adapters no success with any.  Only one lightening cable so can't swap cables.I'm sorry but

  • MQSeries Adapter and adapters in general Update:11-30

    I've tried the MQSeries Adapter and the Siebel Adapter and both give me the following exception at runtime through the test harness. I have included the com.ibm.mq.MQException class through the jar (com.ibm.mq.jar) by setting the CLASSPATH env var in

  • Error using SSL on Receiver Soap Adapter Update:10-11

    Hi there, I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authenticatio

  • FTP over SSL connectivity in File Adapter Update:10-11

    Hi All,   I request your suggestion on my problem.  I have a scenario idoc to file where I am connecting to my vendor server throught SFTP (Ftp over SSL).  In this my vendor specifically told that to obtain secure FTP connectivity to their server the