OpenAM Weblogic Policy Agent - Handshake failure

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenAM Weblogic Policy Agent - Handshake failure

juan_manuel.zarzuelo.diaz
Hi all,

This is my first question on the list.

We are integrating OpenAM with Oracle Identity Manager and we receives an error after deploy the agentapp.war on WLS:

amNaming:02/24/2016 10:17:53:417 AM CET: Thread[SystemTimer,5,Pooled Threads]
SiteStatusCheckThreadImpl.doCheckSiteStatus: check https://openamloadbalancer:443/opensso/namingservice
amNaming:02/24/2016 10:17:53:426 AM CET: Thread[SystemTimer,5,Pooled Threads]
URLChecker.checkSocketConnection() returning true for https://openamloadbalancer:443/opensso/namingservice
PLLClient:02/24/2016 10:17:53:439 AM CET: Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]
PLLClient send exception:
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.

We've added the load balancer certificate on JDK cacerts container and also in WLS Trust container.

Are we doing it well?

Thank you in advance.

Regards,
Juanma

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM Weblogic Policy Agent - Handshake failure

Bernhard Thalmayr
The error seems not to be related to a trust issue ...


BTW if you want to hide your original URLs you should do it correctly
...
'https://ssoweb.int.i-administracion.junta-andalucia.es:443/opensso/namingservice'


-Bernhard


Am 24/02/16 um 11:19 schrieb [hidden email]:

> Hi all,
>
> This is my first question on the list.
>
> We are integrating OpenAM with Oracle Identity Manager and we receives
> an error after deploy the agentapp.war on WLS:
>
> /amNaming:02/24/2016 10:17:53:417 AM CET: Thread[SystemTimer,5,Pooled
> Threads]/
> /SiteStatusCheckThreadImpl.doCheckSiteStatus: check
> //https://openamloadbalancer:443/opensso/namingservice/
> <https://ssoweb.int.i-administracion.junta-andalucia.es:443/opensso/namingservice>
>
> /amNaming:02/24/2016 10:17:53:426 AM CET: Thread[SystemTimer,5,Pooled
> Threads]/
> /URLChecker.checkSocketConnection() returning true for
> //https://openamloadbalancer:443/opensso/namingservice/
> <https://ssoweb.int.i-administracion.junta-andalucia.es:443/opensso/namingservice>
>
> /PLLClient:02/24/2016 10:17:53:439 AM CET: Thread[[ACTIVE]
> ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',5,Pooled Threads]/
> /PLLClient send exception:/
> /javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt
> or unuseable certificate was received./
>
> We've added the load balancer certificate on JDK cacerts container and
> also in WLS Trust container.
>
> Are we doing it well?
>
> Thank you in advance.
>
> Regards,
> Juanma
> ------------------------------------------------------------------------
>
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipient is prohibited. If you
> received this in error, please contact the sender and delete the
> material from any computer.
>
>
>
> _______________________________________________
> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
> OpenAM mailing list
> [hidden email]
> https://lists.forgerock.org/mailman/listinfo/openam
>


--
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699

[hidden email] - Solution Architect
http://www.xing.com/profile/Bernhard_Thalmayr
http://de.linkedin.com/in/bernhardthalmayr

This e-mail may contain confidential and/or privileged information.If
you are not the intended recipient (or have received this email in
error) please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam