Enabling SSL for MQSeries Adapter Causes java.security.UnrecoverableKeyException
(Doc ID 1210425.1)
Last updated on OCTOBER 09, 2019
Applies to:
Oracle SOA Suite - Version 11.1.1.3.0 and laterInformation in this document applies to any platform.
Symptoms
You configure the MQ Series Adapter and it works as expected.
When you enable the MQ Series Adapter for SSL, the following error occurs.
ERROR
---------
at oracle.integration.platform.blocks.adapter.fw.jca.cci.JCAConnectionManager$JCAConnectionPool.createJCAConnection(JCAConnectionManager.java:1335)
... 59 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
at java.security.KeyStore.getKey(KeyStore.java:763)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
at oracle.tip.adapter.mq.ManagedConnectionImpl.setupSSLSocketFactory(ManagedConnectionImpl.java:670)
STEPS
--------
1) Create a private key with a blank password field so that it inherits the keystore password.
2) Import the private key into the DemoIdentity store.
3) Create a certificate request.
4) Import the response into the keystore.
5) Import CA certificate into DemoTrust.jks.
Even after specifically changing the private key password to match the keystore password, the error still occurs.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |