Self Generated Certificate Not Able To Be Read By Tuxedo SALT GWWS Process (Doc ID 2229055.1)

Last updated on JULY 31, 2017

Applies to:

Oracle Tuxedo - Version 12.2.2 and later
Oracle Service Architecture Leveraging Tuxedo (SALT) - Version 12.2.2 and later
Information in this document applies to any platform.

Symptoms

On : Oracle Linux 6 on Linux x86-64
Tuxedo Version 12.2.2.0.0, 32-bit, Patch Level (none)
Oracle Service Architecture Leveraging Tuxedo (also known as SALT), Version 12.2.2.0.0, 32-bit, Patch Level (none)

When attempting to try to deploy SALT web services the self generated certificate is not able to read by the Tuxedo SALT GWWS process.

This occurred using the SALT deployment script found in the $TUXDIR/samples/salt/secsapp example provided with the Tuxedo 12.2.2 binaries installation.

Tuxedo ULOG contains these errors:

110419.tuxmachine!GWWS.27940.982393344.0: 01-24-2017: Tuxedo Version 12.2.2.0.0, 64-bit
110419.tuxmachine!GWWS.27940.982393344.0: LIBTUX_CAT:262: INFO: Standard main starting
110419.tuxmachine!GWWS.27940.982393344.0: INFO: Oracle SALT, Version 12.2.2.0.0, 64-bit, Patch Level (none)
110419.tuxmachine!GWWS.27940.982393344.0: WSCFG_CAT:33: INFO: Get configuration for GWWS <GWWS2> successful.
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/opt/mycerts/root.pem"
110419.tuxmachine!GWWS.27940.982393344.0: File open failed on Oracle Wallet "file:/opt/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:103: ERROR: Cannot setup SSL context.
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/opt/mycerts/root.pem"
110419.tuxmachine!GWWS.27940.982393344.0: File open failed on Oracle Wallet "file:/opt/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.27940.982393344.0: Created SSL listening connection for https://mymach:1230/bankapp
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:1457: Created REST listening connection for http://mymach:1240
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/opt/mycerts/root.pem"
110419.tuxmachine!GWWS.27940.982393344.0: File open failed on Oracle Wallet "file:/opt/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:1460: Created REST listening connection for https://mymach:1250
110419.tuxmachine!GWWS.27940.982393344.0: GWWS_CAT:19: INFO: GWWS started.

 

With environment variables ULOG_SSLINFO=Y and TUXNZTRACE=8191 used the nz trace file, trace-pid#.log, contains the following:

nziropen: entry
nzdfo_open: entry
snzdfo_open_file: entry
snzdfo_open_file: Opening file /opt/mycerts/ewallet.p12 with READ ONLY permissions
snzdfo_open_file: File Open/Close error
nzdfo_open: File Open/Close error
nziropen: rio open failed with error 28759
nzirclose: entry
nzdtrsr_store_certreq: nziropen() returned error 28759
nzhewRetrieveencwltBlob: exit
nztwOpenWallet: Could not open wallet from file:/opt/mycerts: NZ error 28759
nztwOpenWallet: exit

 





Changes

 Upgrade to Tuxedo and SALT 12.2.2

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms