Enabling SSL for MQSeries Adapter Causes java.security.UnrecoverableKeyException
Last updated on NOVEMBER 19, 2016
Applies to:
Oracle SOA Platform - Version: 11.1.1.3.0Information in this document applies to any platform.
Symptoms
You configure the MQ Series Adapter and it works as expected.When you enable the MQ Series Adapter for SSL, the following error occurs.
ERROR
---------
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionManager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(ManagedConnectionImpl.java:670)
STEPS
--------
1) Create a private key with a blank password field so that it inherits the keystore password.
2) Import the private key into the DemoIdentity store.
3) Create a certificate request.
4) Import the response into the keystore.
5) Import CA certificate into DemoTrust.jks.
Even after specifically changing the private key password to match the keystore password, the error still occurs.
Cause
Sign In with your My Oracle Support account |
|
Don't have a My Oracle Support account? Click to get started |
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms