” for domain “mohan” running in development mode.>
<Oct 21, 2013 1:03:19 AM SGT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING.>
<Oct 21, 2013 1:03:19 AM SGT> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.>
<Oct 21, 2013 1:03:49 AM SGT> <Warning> <Security> <BEA-090504> <Certificate chain received from cluster2.rmohan.com – 192.168.1.41 failed hostname verification check. Certificate contained cluster1.rmohan.com but check expected cluster2.rmohan.com>
<Oct 21, 2013 1:03:49 AM SGT> <Warning> <Security> <BEA-090504> <Certificate chain received from cluster2.rmohan.com – 192.168.1.41 failed hostname verification check. Certificate contained cluster1.rmohan.com but check expected cluster2.rmohan.com>
<Oct 21, 2013 1:06:16 AM SGT> <Warning> <netuix> <BEA-423420> <Redirect is executed in begin or refresh action. Redirect url is /console/console.portal?_nfpb=true&_pageLabel=ServerControlServersPage.>
<Oct 21, 2013 1:06:51 AM SGT> <Warning> <Security> <BEA-090504> <Certificate chain received from cluster2.rmohan.com – 192.168.1.41 failed hostname verification check. Certificate contained cluster1.rmohan.com but check expected cluster2.rmohan.com>
<Oct 21, 2013 1:06:51 AM SGT> <Warning> <Security> <BEA-090504> <Certificate chain received from cluster2.rmohan.com – 192.168.1.41 failed hostname verification check. Certificate contained cluster1.rmohan.com but check expected cluster2.rmohan.com>
<Oct 21, 2013 1:06:57 AM SGT> <Warning> <Socket> <BEA-000449> <Closing the socket, as no data read from it on 192.168.1.2:51,146 during the configured idle timeout of 5 seconds.>
<Oct 21, 2013 1:06:57 AM SGT> <Warning> <Socket> <BEA-000449> <Closing the socket, as no data read from it on 192.168.1.2:51,145 during the configured idle timeout of 5 seconds.>
BEA-090504 – Certificate chain received from localhost – 127.0.0.1 failed hostname verification check. Certificate contained xyz.abc.com but check expected localhost
OR
BEA-090482 – BAD_CERTIFICATE alert was received from localhost.localdomain – 127.0.0.1. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.
There are two ways to solve it.
1. Disable Flags – Jugaad way 😉
Put the following flags at the right places.
Node Manager: -Dweblogic.nodemanager.sslHostNameVerificationEnabled=false
Admin Server: -Dweblogic.security.SSL.ignoreHostnameVerification=true
2. Recreate the Certificates – The recommended way.
Node manager by default uses the WebLogic demo identity keystore. The keystore is generated at install time using the CertGen utility. The generated private key uses the common name (cn) resolved by Java.
2.1 Set the PATH
. $WL_HOME/server/bin/setWLSEnv.sh
2.2 Backup DemoIdentity.jks under $WL_HOME/server/lib
2.3 Generate the private key.
java utils.CertGen -cn -keyfilepass DemoIdentityPassPhrase -certfile newcert -keyfile newkey
2.4 Import the key generated above to the keystore.
java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile newkey.pem -keyfilepass DemoIdentityPassPhrase -certfile newcert.pem -alias demoidentity
2.5 Copy DemoIdentity.jks to $WL_HOME/server/lib
2.6 Restart your nodemanager.
Recent Comments