SSL Errors: Signature verification failed because RSA key public exponent [3] is too small And Validation error = 8 (Doc ID 1933416.1)

Last updated on MAY 24, 2017

Applies to:

Oracle WebLogic Server - Version 10.0 and later
Information in this document applies to any platform.

Symptoms

 

After enabling the debug SSL flags, the following errors were seen in the logs :
 

<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 1221944608731945
Issuer:C=US, ST=Arizona, L=Scottsdale, O=Foo.com, Inc., OU=http://certificates.foo.com/repository, CN=Foo CA, ?=07969287
Subject:O=*.foo.com, OU=Domain Control Validated, CN=*.foo.com
Not Valid Before:Thu Jul 14 08:49:26 PDT 2011
Not Valid After:Thu Aug 07 10:32:13 PDT 2014
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 769
Issuer:C=US, O=The FOO Org Group, Inc., OU=FOO Org Class 2 Certification Authority
Subject:C=US, ST=Arizona, L=Scottsdale, O=Foo.com, Inc., OU=http://certificates.foo.com/repository, CN=Foo CA, ?=07969287
Not Valid Before:Wed Nov 15 17:54:37 PST 2006
Not Valid After:Sun Nov 15 17:54:37 PST 2026
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Signature verification failed because RSA key public exponent [3] is too small>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 2 in the chain: Serial number: 269
Issuer:L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, EMAIL=info@valicert.com
Subject:C=US, O=The FOO Org Group, Inc., OU=FOO Org Class 2 Certification Authority
Not Valid Before:Tue Jun 29 10:06:20 PDT 2004
Not Valid After:Sat Jun 29 10:06:20 PDT 2024
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 8>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 1221944608731945
Issuer:C=US, ST=Arizona, L=Scottsdale, O=Foo.com, Inc., OU=http://certificates.foo.com/repository, CN=Foo CA, ?=07969287
Subject:O=*.foo.com, OU=Domain Control Validated, CN=*.foo.com
Not Valid Before:Thu Jul 14 08:49:26 PDT 2011
Not Valid After:Thu Aug 07 10:32:13 PDT 2014
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 769
Issuer:C=US, O=The FOO Org Group, Inc., OU=FOO Org Class 2 Certification Authority
Subject:C=US, ST=Arizona, L=Scottsdale, O=Foo.com, Inc., OU=http://certificates.foo.com/repository, CN=Foo CA, ?=07969287
Not Valid Before:Wed Nov 15 17:54:37 PST 2006
Not Valid After:Sun Nov 15 17:54:37 PST 2026
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> < cert[2] = Serial number: 269
Issuer:L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, EMAIL=info@valicert.com
Subject:C=US, O=The FOO Org Group, Inc., OU=FOO Org Class 2 Certification Authority
Not Valid Before:Tue Jun 29 10:06:20 PDT 2004
Not Valid After:Sat Jun 29 10:06:20 PDT 2024
Signature Algorithm:SHA1withRSA
>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 8>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 8>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 8>
<Sep 8, 2011 11:30:15 PM PDT> <Debug> <SecuritySSL> <BEA-000000> <Trust status (8): SIGNATURE_INVALID>

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms