wood burning stoves 2.0*
The moose likes BEA/Weblogic and the fly likes BAD_CERTIFICATE alert Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "BAD_CERTIFICATE alert " Watch "BAD_CERTIFICATE alert " New topic
Author

BAD_CERTIFICATE alert

nikks0101
Greenhorn

Joined: Mar 22, 2004
Posts: 2
Hi All,
I am setting up Weblogic8.1 to run in production mode using JRocketJVM having an admin instance and a managing instance. Iniatially, when I set up I was running Weblogic on 7010(Admin), 7012(where all Applications wil be deployed). The server instances ran fine.
Then, I modified the configuration from console application and Enabled Administration Port on 9002. I restarted the server, but the server instance running as managed server instance(7012) fails to start. The following error I see on the command line:
<Warning> <Security> <BEA-090482> <BAD_CERTIFICATE alert was received from <supernet-test.YMCA.NET - 10.17.4.19. Check the peer to determine why it rejected the certificate <trusted CA configuration, hostname verifcation>. SSl debug tracing may be required to determine the exact reason the certificate was rejected>.
thank you,
-nikhil
Alexandre Fidalgo
Greenhorn

Joined: Apr 14, 2004
Posts: 1
First: excuse my bad english.
I have same problem. You know some soluction ?
I am trying...
Thanks
Dilip Karki
Greenhorn

Joined: Apr 20, 2004
Posts: 20
Check that you have SSL configured correctly on the admin server and that the CA of the managed server certs are trusted by the admin server.
By electing to have an administration port, you have elected to use SSL between admin and managed servers. The erorr you are seeing, seems to indicate that the admin server has a problem trusting the managed server's certificate.


BEA Certified WebLogic Server Specialist.<br />Author of Whizlabs Weblogic 7.0 Simulator:<br /><a href="http://www.whizlabs.com/weblogic/weblogic.html" target="_blank" rel="nofollow">http://www.whizlabs.com/weblogic/weblogic.html</a><p>Moderator of Whizlabs Weblogic Certification forum:<br /><a href="http://www.whizlabs.com/ubbthreads/postlist.php?Cat=&Board=Weblogic" target="_blank" rel="nofollow">http://www.whizlabs.com/ubbthreads/postlist.php?Cat=&Board=Weblogic</a>
Klaus Kreuzwieser
Greenhorn

Joined: Dec 19, 2009
Posts: 1
The error "... BEA-090482 ... BAD_CERTIFICATE ... hostname verifcation ..." indicates that the common name (cn) of the server's private key does not match the expected server name.
This is very good documented under Limitation on CertGen Usage.

To solve the issue correct the common name (cn) of the private key or disable host name verification (Java option -Dweblogic.security.SSL.ignoreHostnameVerification=true).

If you are using the WebLogic demo identity and trust you can create a new private key with these commands:

JAVA_HOME=/opt/weblogic/jdk160_14
WL_HOME=/opt/weblogic/wlserver_10.3
PATH=$JAVA_HOME/bin:$PATH
export PATH

. $WL_HOME/server/bin/setWLSEnv.sh

java utils.CertGen -cn YOURSERVER.DOMAIN.COM -keyfilepass DemoIdentityPassPhrase -certfile mycert -keyfile mykey

java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile mykey.pem -keyfilepass DemoIdentityPassPhrase -certfile mycert.pem -alias demoidentity

Copy the newly created demo identity key store to $WL_HOME/server/lib directory.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: BAD_CERTIFICATE alert
 
Similar Threads
NodeManager Error in WLS81
WLSERVER ANT TASK
2-way ssl not working: bad certificate
Problem in starting Nodemanager in weblogic 8.1
Cannot start managed server