My Oracle Support Banner

Enabling SSL for MQSeries Adapter Causes java.security.UnrecoverableKeyException (Doc ID 1210425.1)

Last updated on OCTOBER 09, 2019

Applies to:

Oracle SOA Suite - Version 11.1.1.3.0 and later
Information in this document applies to any platform.

Symptoms

You configure the MQ Series Adapter and it works as expected.
When you enable the MQ Series Adapter for SSL, the following error occurs.

ERROR
---------
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionManager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(ManagedConnectionImpl.java:670)

STEPS
--------
1) Create a private key with a blank password field so that it inherits the keystore password.
2) Import the private key into the DemoIdentity store.
3) Create a certificate request.
4) Import the response into the keystore.
5) Import CA certificate into DemoTrust.jks.

Even after specifically changing the private key password to match the keystore password, the error still occurs.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.