My Oracle Support Banner

OAM11g : How To Recover From Coherence Keystore Corruption (Doc ID 1632589.1)

Last updated on FEBRUARY 22, 2018

Applies to:

Oracle Access Manager - Version to [Release 11g]
Information in this document applies to any platform.
Note: In OAM PS3 release, the WLS listCred command was removed so this issue applies up to release PS2

Identify the coherence keystore corruption by looking for below error messages in OAM logs

Caused by: Password must not be null
Caused By: Keystore was tampered with, or password was incorrect

Try below wlst command to retrieve coherence keystore password

wls:/OAM-Domain/domainRuntime> listCred(map="OAM_STORE",key="coh")

If you see below output then it means that coherence keystore credentials are missing in OPSS

Credential either does not exist or cannot be listed if it is of type "generic"

If you can retrieve credentials for coherence keystore then run below keytool command

keytool -list -v -keystore /config/fmwconfig/.cohstore.jks -storepass -storetype JCEKS

if above command results in below error then coherence keystore got corrupted, else the keystore is fine and this article is not valid for your case Keystore was tampered with, or password was incorrect


This article explains the procedure to recover from corrupted coherence keystore issue using data from other working environment.


             If you have DB and filesystem backups then restore OPSS schema and .cohstore.jks keystore from backups instead of following this procedure. 


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.