This discussion is archived
8 Replies Latest reply: Jan 23, 2013 12:47 AM by zari RSS

Config SSL in OHS and Weblogic

zari Newbie
Currently Being Moderated
Hi everyone,

I use weblogic 10.3.6. I want to config wls and ohs for SSL. I get a certificate that it's DN is like DN=*.mydomain.com.
I read some article that mention DN must be domain name exactly. I config wls and ohs but when I connect by https://test.mydomain.com (for example) nothing happen. is it for my DN name in my certificate ?

Thanks very much.
  • 1. Re: Config SSL in OHS and Weblogic
    Kalyan Pasupuleti-Oracle Expert
    Currently Being Moderated
    Hi Zari,

    follow KM article.

    Configuring Mod_wl_ohs to use SSL between Oracle HTTP Server and Weblogic Server in FMW 11g (11.1.1.X)

    KM Doc ID 1268723.1

    try to check in your MOS.

    Regards,
    kal
  • 2. Re: Config SSL in OHS and Weblogic
    zari Newbie
    Currently Being Moderated
    Hi Kalyan Pasupuleti,

    Thank you very much for your response. I studied KM Doc ID 1268723.1 and some other documents.
    I 'm confused I have a weblogic and Oracle http server and web cache. I want to use SSL But I don't know how can I do that?? some of my question are

    1. I get some certificate for IIS and apache webserver can I use this certificate without create csr ?

    2.if answer of first question is no how many csr file I must create ? I create csr from keytool for weblogic or create csr file for wallet in OHS or webCache?


    please help me.
  • 3. Re: Config SSL in OHS and Weblogic
    zari Newbie
    Currently Being Moderated
    hi every body,

    I config ssl on weblogic and ohs finally. when I check weblogic port for ssl every thing in OK but when I check ohs port that I config for ssl to redirect to weblogic, bellow error show on browser :

    Failure of server APACHE bridge:

    No backend server available for connection: timed out after 10 seconds or idempotent set to OFF or method not idempotent.

    and when I check ohs log I see :

    +2013-01-21T08:45:14.8881+03:30 <324813587453142> ================New Request: [GET /favicon.ico HTTP/1.1] =================+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> Using Uri /favicon.ico+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> After trimming path: '/favicon.ico'+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> adding prepend path: /CRM+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> The final request string is '/CRM/favicon.ico'+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> SEARCHING id=[localhost:7002,localhost:7005] from current ID=[localhost:7003,localhost:7004]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> SEARCHING id=[localhost:7002,localhost:7005] from current ID=[localhost:7002,localhost:7005]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> The two ids matched+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> @@@FOUND...id=[localhost:7002,localhost:7005], server_name=[*.khorasansteel.com], server_port=[7777]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> getPreferred: availcookie=[JSESSIONID=LNfCQ8TKY3p6CL8JTTBzh6PGDV69HK902hPXnlfzB4pKvV125d8j!-1221882455]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> Found cookie from cookie header: JSESSIONID=LNfCQ8TKY3p6CL8JTTBzh6PGDV69HK902hPXnlfzB4pKvV125d8j!-1221882455+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> Parsing cookie JSESSIONID=LNfCQ8TKY3p6CL8JTTBzh6PGDV69HK902hPXnlfzB4pKvV125d8j!-1221882455+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> getpreferredServersFromCookie: [-1221882455]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> primaryJVMID: [-1221882455], secondaryJVMID: []+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> No of JVMIDs found in cookie: 1+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> Number of nodes in the list: 2+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> SrvrInfo 0 with JVMID: NULL+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> SrvrInfo 1 with JVMID: NULL+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> getPreferredFromCookie: Start Position is 1, listLen is 2+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> getPreferredFromCookie: Either JVMIDs not set or they are stale. Will try to get JVMIDs from WLS+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> initJVMID: Iterating SrvrList from position 1+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> initJVMID: Server is either Marked BAD or not accepting new requests. Ignoring 127.0.0.1/7005/7005+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> initJVMID: Server is either Marked BAD or not accepting new requests. Ignoring /0/0+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> getPreferredFromCookie: Found 0 servers+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> attempt #0 out of a max of 5+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:14.8881+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:15.9021+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:15.9021+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:16.9161+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:16.9161+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:16.9161+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:16.9161+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:17.9301+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:17.9301+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:18.9285+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> Initializing lastIndex=1 for a list of length=2+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:18.9285+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:19.9425+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:19.9425+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> attempt #1 out of a max of 5+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:21.9549+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:22.9845+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:22.9845+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:23.9985+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:23.9985+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:23.9985+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:23.9985+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:25.0281+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:25.0281+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:26.0577+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> Initializing lastIndex=1 for a list of length=2+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:26.0577+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:27.0717+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:27.0717+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> attempt #2 out of a max of 5+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:29.0841+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:30.1137+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:30.1137+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:31.1277+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:31.1277+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:31.1277+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:31.1277+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:32.1417+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:32.1417+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:33.1557+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> Initializing lastIndex=0 for a list of length=2+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:33.1557+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:34.1853+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:34.1853+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> attempt #3 out of a max of 5+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:36.1977+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:37.2273+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:37.2273+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:38.2569+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:38.2569+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:38.2569+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:38.2569+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:39.2865+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:39.2865+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:40.3161+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> Initializing lastIndex=1 for a list of length=2+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:40.3161+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:41.3457+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:41.3457+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> attempt #4 out of a max of 5+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:43.3581+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:44.3721+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:44.3721+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:45.4017+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:45.4017+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:45.4017+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:45.4017+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:46.4001+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:46.4001+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:47.3985+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> Initializing lastIndex=1 for a list of length=2+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:47.3985+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:48.4282+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:48.4282+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> attempt #5 out of a max of 5+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> No good servers left in the general list, reverting back to the static list+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> --------------------------Entering method freeSrvrList-----------------------------+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> --------------------------Exiting method freeSrvrList-----------------------------+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> parseServerList: Socket Address hostnames 'localhost:7002,localhost:7005'+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:50.4406+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:51.4702+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:51.4702+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:52.4842+03:30 <324813587453142> parseServerList: localhost:7002 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:52.4842+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:52.4842+03:30 <324813587453142> Host extracted from serverlist is [localhost]+
    +2013-01-21T08:45:52.4842+03:30 <324813587453142> parseServerList: trying IP addr ::1+
    +2013-01-21T08:45:53.5138+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:53.5138+03:30 <324813587453142> parseServerList: trying IP addr 127.0.0.1+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> parseServerList: localhost:7005 apr_socket_connect error [730061] No connection could be made because the target machine actively refused it.+

    +2013-01-21T08:45:54.5434+03:30 <324813587453142> parseServerList: IP from socket Address [127.0.0.1]+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> Initializing lastIndex=0 for a list of length=2+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> keepAlive = 1, canRecycle = 1+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> Trying a pooled connection for '127.0.0.1/7005/7005'+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> getPooledConn: found a host and port/securePort match+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> getPooledConn: No more connections in the pool for Host[127.0.0.1] Port[7005] SecurePort[7005]+
    +2013-01-21T08:45:54.5434+03:30 <324813587453142> general list: trying connect to '127.0.0.1'/7005/7005 at line 2378 for '/CRM/favicon.ico'+
    +2013-01-21T08:45:55.5574+03:30 <324813587453142> *******Exception type [CONNECTION_REFUSED] (apr_socket_connect call failed with error=730061, host=127.0.0.1, port=7005 ) raised at line 1590 of ../common/URL.cpp+
    +2013-01-21T08:45:55.5574+03:30 <324813587453142> Sleeping for 2 seconds+
    +2013-01-21T08:45:57.5698+03:30 <324813587453142> request [CRM/favicon.ico] did NOT process successfully..................+

    and manageserver log is :

    +####<Aug 22, 2012 4:32:58 PM GMT> <Notice> <Security> <ksccoappsrv5> <ManagedServer_1> <[ACTIVE] ExecuteThread: '16' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1345653178837> <BEA-090171> <Loading the identity certificate and private key stored under the alias client from the JKS keystore file E:\oracle\Middleware\user_projects\domains\ADFdomain\ewalletK.jks.>+

    +####<Aug 22, 2012 4:32:58 PM GMT> <Emergency> <Security> <ksccoappsrv5> <ManagedServer_1> <[ACTIVE] ExecuteThread: '16' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1345653178868> <BEA-090155> <Identity certificate is not yet valid: [+
    +[+
    Version: V3
    Subject: CN=*.mydomain.com, OU=IT, O=mycompany complex co, L=test, ST=test, C=IR
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

    Key:  Sun RSA public key, 2048 bits
    modulus: 22170784900373340765064457943877317434606328140208816369588434576853773667039320251736789008441872383559356572097780471482943397974247268981641320776953284061897192414867706528244530237601507250956599998027568133177266791956132105490043357738065355483384409913058525939879874519582287615517544045836113677210223087634981655378491405176040582720237781061182995076728898050814166851359825070101297115749339214468290506639411113225124957905920357412696978728090866345336480969084292433017541717415576756954258604947058469411121021947404510070698773704801576497131864114328541742341038929225582608510238108553927470401887
    public exponent: 65537
    +Validity: [From: Sun Oct 07 04:55:26 GMT 2012,+
                   +To: Mon Oct 07 05:15:26 GMT 2013]+
    Issuer: CN=*.mydomain.com, OU=IT, O=mycompany complex co, L=test, ST=test, C=IR
    +SerialNumber: [    68cbf428 2ed7108c 4d312e65 5ef4572c]+

    Certificate Extensions: 4
    +[1]: ObjectId: 2.5.29.14 Criticality=false+
    +SubjectKeyIdentifier [+
    +KeyIdentifier [+
    +0000: D6 AE 65 E8 17 C7 5C D0 7C 00 7C C9 62 74 C4 40 ..e...\.....bt.@+
    +0010: 3C C1 FD 62 <..b+
    +]+
    +]+

    +[2]: ObjectId: 1.2.840.113549.1.9.15 Criticality=false+
    Extension unknown: DER encoded OCTET string =
    +0000: 04 6B 30 69 30 0E 06 08 2A 86 48 86 F7 0D 03 02 .k0i0...*.H.....+
    +0010: 02 02 00 80 30 0E 06 08 2A 86 48 86 F7 0D 03 04 ....0...*.H.....+
    +0020: 02 02 00 80 30 0B 06 09 60 86 48 01 65 03 04 01 ....0...`.H.e...+
    +0030: 2A 30 0B 06 09 60 86 48 01 65 03 04 01 2D 30 0B *0...`.H.e...-0.+
    +0040: 06 09 60 86 48 01 65 03 04 01 02 30 0B 06 09 60 ..`.H.e....0...`+
    +0050: 86 48 01 65 03 04 01 05 30 07 06 05 2B 0E 03 02 .H.e....0...+...+
    +0060: 07 30 0A 06 08 2A 86 48 86 F7 0D 03 07 .0...*.H.....+


    +[3]: ObjectId: 2.5.29.37 Criticality=false+
    +ExtendedKeyUsages [+
    serverAuth
    +]+

    +[4]: ObjectId: 2.5.29.15 Criticality=true+
    +KeyUsage [+
    DigitalSignature
    Non_repudiation
    Key_Encipherment
    Data_Encipherment
    +]+

    +]+
    +Algorithm: [SHA1withRSA]+
    Signature:
    +0000: 37 E3 0C B6 72 AB F8 BD 11 F2 C7 9E 34 DB 69 E1 7...r.......4.i.+
    +0010: 26 3A 64 91 32 9B CA 61 DA 86 04 2A F0 9F F4 98 &:d.2..a...*....+
    +0020: 89 A6 87 E1 CB DF 9A F0 AA EA F6 DE BF B0 25 0E ..............%.+
    +0030: C9 F3 ED 42 B3 2B CF C1 1B A6 27 2F 7C C7 BD 67 ...B.+....'/...g+
    +0040: 77 5D 4E D5 41 C2 0D D3 3A EF AF B7 12 6C 9C B6 w]N.A...:....l..+
    +0050: 22 02 1A 60 12 40 FE 42 8C CA E2 CA 0D 89 40 91 "..`.@.B......@.+
    +0060: 73 F4 A6 DE E5 E3 EF E5 23 E9 B0 F9 C6 B9 5E 06 s.......#.....^.+
    +0070: 40 57 3D 04 D5 15 DE FB 53 17 68 A5 34 0F BE BC @W=.....S.h.4...+
    +0080: C4 B3 AC E3 94 46 72 89 50 21 6C 6E 15 91 1F 1C .....Fr.P!ln....+
    +0090: 9F B1 65 14 7C B9 B7 01 23 83 31 0E 4F B7 2C A7 ..e.....#.1.O.,.+
    +00A0: 41 87 81 53 81 93 1C 57 BB 97 6E E9 1A 9B 19 A5 A..S...W..n.....+
    +00B0: 55 8B 72 1B 1B 24 DB CB E6 CE 21 A6 95 63 4D 7B U.r..$....!..cM.+
    +00C0: 29 2D CE 8A 42 F7 80 22 2B 8F 9A 49 F9 62 68 E9 )-..B.."+..I.bh.+
    +00D0: A9 81 76 43 17 5A 1D CD 13 A9 93 6F E4 44 AD 0A ..vC.Z.....o.D..+
    +00E0: 26 9E 81 88 B1 95 06 C0 D3 E8 29 C7 57 71 3A 25 &.........).Wq:%+
    +00F0: 0A BA CE 63 45 2B 2E 85 B2 FE F6 D0 76 AF 29 37 ...cE+......v.)7+

    and

    +<Jan 20, 2013 12:44:53 PM GMT> <Warning> <Security> <BEA-090475> <Plaintext data for protocol HTTP was received from peer ksccoappsrv5.itksc - 0:0:0:0:0:0:0:1 instead of an SSL handshake.>+



    I read some Documents and do some solutions :
    1. set WebLogic Plug-In Enabled for domain . manage server and admin server
    2.set Hostname Verification to None for manage server

    also I convert my wallet to key store.

    please help me to solve this problem.
  • 4. Re: Config SSL in OHS and Weblogic
    Mohammed Rayan-Oracle Journeyer
    Currently Being Moderated
    Zari,

    Seems to me that the logs of weblogic server are very old,way back to Aug 2012 and having said that,the SSL is not confiogured fine at the weblogic and logs says that very clearly: *"Identity certificate is not yet valid"*

    ####<Aug 22, 2012 4:32:58 PM GMT> <Emergency> <Security> <ksccoappsrv5> <ManagedServer_1> <[ACTIVE] ExecuteThread: '16' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <1345653178868> <BEA-090155> <Identity certificate is not yet valid:


    You can cross check the same about why the certificate is not getting loaded and also are you able to access the weblogic console directly with the SSL Port (7002)


    Hope this helps
  • 5. Re: Config SSL in OHS and Weblogic
    zari Newbie
    Currently Being Moderated
    Hi 809364,

    Thank you very much for your reply. I surprised when I see Aug 2012 date in weblogic log I didn't mention it. I don't know why date is old! I checked weblogic server date , it was up to date!

    anyway, As I told before, I convert my wallet to key store for weblogic and when I see my wallet detail in ohs Security/Wallets section I see one certificate and 2 trusted certificate that their status are valid so I think my wallet is ok but I don't have ny idea about my key store.
    how can I distinguish my key store is ok or not ??
    also I check app url directly with the SSL Port (https://127.0.0.1:7002/mycontext) and it is ok.

    Appreciate any help.
  • 6. Re: Config SSL in OHS and Weblogic
    zari Newbie
    Currently Being Moderated
    Hi everybody,

    I think my key store have some problems because when I see certificate in browser I see Issued by and Issud to are same and both of them are my CN.

    I use below command to convert my wallet to key store and then change alias of ewalletK.jks to client and use it to ssl tab of weblogic console. is it wrong ??


    orapki wallet pkcs12_to_jks -wallet ./ -pwd ab123adb -jksKeyStoreLoc ./ewalletK.jks -jksKeyStorepwd ab123adb-jksTrustStoreLoc ./ewalletT.jks -jksTrustStorepwd ab123adb

    please help me...
  • 7. Re: Config SSL in OHS and Weblogic
    user13344656 Newbie
    Currently Being Moderated
    any solution ??
  • 8. Re: Config SSL in OHS and Weblogic
    zari Newbie
    Currently Being Moderated
    Hi ,

    when I see technical details I see The certificate is not trusted because it is self-signed ???!!! I get certificate from a Trusted CA and when I convert my wallet generate trusted key store why this error happen??

    any Idea?

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points