- I've been using the DemoIdentity.jks and DemoTrust.jks files located under <MIDDLEWARE_HOME>\wlserver_10.3\server\lib for all my certificate operations.
- I created a PrivateKey and imported it to my DemoIdentity store, created a certificate request and when I got the response imported it back using the same alias. Something I want to highlight here is that when I created the PrivateKey I left the password field empty so it supposed inherit the keystore's.
- I also imported the CA cert into the DemoTrust.jks
My MQAdapter is all set and when I used it with no SSL it was working just fine so I think I have the problem isolated.
Anyway, now when I try to connect this is what I'm getting in the logs:
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionMa
nager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java
:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyM
anagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit
(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(Man
agedConnectionImpl.java:670)
Googling this it seems like it's a problem with the keystore and private key passwords being different but I changed the private key's to match the keystore (something that I shouldn't be necessary because of the keytool's default behavior when generating the key) with no positive results.
Anyway, any ideas would be really appreciated. I've been spinning my wheels on this issue for 3 days now.
BTW, here's I'm using Oracle SOA11g.