Enabling SSL for MQSeries Adapter Causes java.security.UnrecoverableKeyException
(Doc ID 1210425.1)
Last updated on AUGUST 31, 2018
Applies to:
Oracle SOA Platform - Version: 11.1.1.3.0Information in this document applies to any platform.
Symptoms
You configure the MQ Series Adapter and it works as expected.When you enable the MQ Series Adapter for SSL, the following error occurs.
ERROR
---------
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionManager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(ManagedConnectionImpl.java:670)
STEPS
--------
1) Create a private key with a blank password field so that it inherits the keystore password.
2) Import the private key into the DemoIdentity store.
3) Create a certificate request.
4) Import the response into the keystore.
5) Import CA certificate into DemoTrust.jks.
Even after specifically changing the private key password to match the keystore password, the error still occurs.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms
Cause
Solution
| This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review. |