"Some Trusted Certificates Could Not Be Installed." Error Received For Import Of Certificates Into Oracle Wallet Manager For Beehive (Doc ID 1938452.1)

Last updated on MAY 09, 2017

Applies to:

Beehive - Version 2.0 and later
Information in this document applies to any platform.

Symptoms

On Beehive 2.0.1.x, Security Services

Cannot import certificates into Oracle Wallet Manager (OWM)

After creating the CSR and, receiving the certificate back, it was observed that the certificate paths do not match between the root and the chain. The standalone root certificate imported without issue but when the chainroot certificate import is attempted, it throws an error in wallet manager (OWM) as well as via orapki with the following command:


Error from Oracle Wallet Manager:
Some trusted certificates could not be installed.


Error from orapki:
Enter wallet password:
Unknown error occured:


The issue can be reproduced at will with the following steps:
- Start owm
- Open wallet in <Beehive_Home>/Apache/Apache/conf/ssl.wlt/default and enter password; the wallet opens
- Click on "Import trusted certificates"
- Select "Import from file"
- Navigate to the root file, select it and click OK. The file should be imported
- Click on "Import trusted certificates" again
- Select "Import from file"
- Navigate to the chainroot file, select it and click OK. Observe the error.

Note that the same error occurs with orapki command line (see output below)
oracle@server$ orapki wallet add -wallet <Beehive_Home>/Apache/Apache/conf/ssl.wlt/default/ -cert chainroot.txt -trusted_cert
Enter wallet password:
Unknown error occured:

Due to this issue, new certificates cannot be activated in the system.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms