EM13c: After Successful Securing OMS With Third-party Certificate, OMS Still Using Demo Certificate
(Doc ID 2970086.1)
Last updated on DECEMBER 21, 2023
Applies to:
Enterprise Manager Base Platform - Version 13.5.0.0.0 and laterInformation in this document applies to any platform.
Symptoms
In Enterprise Manager (EM) Cloud Control, even securing OMS with third-party certificates by following the below notes was successfully:
EM 13.4: How to Configure the Enterprise Manager Management Service (OMS) Console with Subject Alternative Name (SAN) SSL Certificates (Doc ID 2778531.1)
EM 13c, 12c: How to Configure the Enterprise Manager Management Service (OMS) with Secure Socket Layer (SSL) Certificates (Doc ID 2202569.1)
[oracle@oms_home/bin]$ ./emctl secure console -wallet <wallet location>
Oracle Enterprise Manager Cloud Control 13c Release 5
Copyright (c) 1996, 2021 Oracle Corporation. All rights reserved.
Securing Console... Started.
Enter Enterprise Manager Root (SYSMAN) Password :
Securing Console... Successful
Restart OMS
[oracle@oms_home/bin]$ ./emctl stop oms -all -force
Oracle Enterprise Manager Cloud Control 13c Release 5
Copyright (c) 1996, 2021 Oracle Corporation. All rights reserved.
Stopping Oracle Management Server...
WebTier could not be stopped normally. Stopping by force... ------------------Webtier not stopped normally
WebTier Successfully Stopped
Oracle Management Server Successfully Stopped
AdminServer Successfully Stopped
Oracle Management Server is Down
JVMD Engine is Down
Demo certificates are still present:
[oracle@oms_home/bin]$ ./emctl secdiag openurl -url https://oms_hostname:7803/em -ssl_protocol TLSv1.2
Oracle Enterprise Manager Cloud Control 13c Release 5
Copyright (c) 1996, 2021 Oracle Corporation. All rights reserved.
Log file: /tmp/OpenPage_2023_05_16_20_23_096230117022776874577.log
Opening page: https://oms_hostname:7803/em
Using non-validating trust manager; all certificates will be blindly accepted.
Proxy server is not set
Using protocol: TLSv1.2
Negotiated protocol: TLSv1.2
Getting the certificate chain
Details of cert# 1 in chain:
Subject: CN=oms_hostname
Issuer: CN=oms_hostname, C=US, ST=CA, L=EnterpriseManager on oms_hostname, OU=EnterpriseManager on oms_hostname, O=EnterpriseManager on oms_hostname
Valid from: Mon Jun 20 17:09:27 IST 2022
Valid till: Fri Jun 18 17:09:27 IST 2032
Serial#: -1660902826545153015
Public key: Sun RSA public key, 1024 bits
params: null
modulus: 97570722479940202374457617224534165171180842391281627660808215594620058380779657669679017028395469807823224408731332078424377030365667676608995666711250066975947407596392466888892666768277714286646677994080353002136674305305632568839245060096556940643627594862586350220845462985710590030839627326380326179429
public exponent: 65537
Signature algorithm: SHA512withRSA
Details of cert# 2 in chain:
Subject: CN=oms_hostname, C=US, ST=CA, L=EnterpriseManager on oms_hostname, OU=EnterpriseManager on oms_hostname, O=EnterpriseManager on oms_hostname
Issuer: CN=oms_hostname, C=US, ST=CA, L=EnterpriseManager on oms_hostname, OU=EnterpriseManager on oms_hostname, O=EnterpriseManager on oms_hostname
Valid from: Sun Feb 13 20:05:29 IST 2022
Valid till: Thu Feb 12 20:05:29 IST 2032
Serial#: -1745166630391661887
Public key: Sun RSA public key, 1024 bits
params: null
modulus: 92014226914473370928943987722557579419323709932121476044361811574824950171263113477553716474929433280927066987347137111804468694952246245468803502989607781869436375295704243955319631861981272442219693323289710674385417656280317840067350618915271007290103951391658417497667950799057611680447634281677776090069
public exponent: 65537
Signature algorithm: SHA512withRSA
Error stack reported in <OMS_HOME>gc_inst/em/EMGC_OMS1/sysman/log/emctl.log
2023-05-17 18:12:43,369 [Thread-1] INFO commands.BaseCommand run.628 - <OUT>Check log file <gc_inst>user_projects/domains/GCDomain/servers/ohs1/logs/ohs1.log]. Please check Node Manager log and/or server 'ohs1' log for detailed information.]. Please check Node Manager log for details. 2023-05-17 18:12:43,370 [Thread-1] INFO commands.BaseCommand run.628 - <OUT>Failed to start OHS component namedohs1 2023-05-17 18:12:43,370 [Thread-1] INFO commands.BaseCommand run.628 - <OUT>Exception while starting OHS: main.WLSTException value: Error occurred while performing nmStart : Error Starting server ohs1 : Received error message from Node Manager Server: [Server start command for OHS server 'ohs1' failed due to: [Failed to start the server ohs1 2023-05-17 18:12:43,370 [Thread-1] INFO commands.BaseCommand run.628 - <OUT>Check log file /grid/app/gc_inst/user_projects/domains/GCDomain/system_components/OHS/ohs_nm.log
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |