My Oracle Support Banner

Self Generated Certificate Not Able To Be Read By Tuxedo SALT GWWS Process (Doc ID 2229055.1)

Last updated on JUNE 07, 2022

Applies to:

Oracle Tuxedo - Version 12.2.2 and later
Oracle Service Architecture Leveraging Tuxedo (SALT) - Version 12.2.2 and later
Information in this document applies to any platform.

Symptoms

On : Oracle Linux 6 on Linux x86-64
Tuxedo Version 12.2.2.0.0, 32-bit, Patch Level (none)
Oracle Service Architecture Leveraging Tuxedo (also known as SALT), Version 12.2.2.0.0, 32-bit, Patch Level (none)

When attempting to try to deploy SALT web services the self generated certificate is not able to read by the Tuxedo SALT GWWS process.

This occurred using the SALT deployment script found in the $TUXDIR/samples/salt/secsapp example provided with the Tuxedo 12.2.2 binaries installation.

Tuxedo ULOG contains these errors:

110419.tuxmachine!GWWS.xxx.982393344.0: 01-24-2017: Tuxedo Version 12.2.2.0.0, 64-bit
110419.tuxmachine!GWWS.xxx.982393344.0: LIBTUX_CAT:262: INFO: Standard main starting
110419.tuxmachine!GWWS.xxx.982393344.0: INFO: Oracle SALT, Version 12.2.2.0.0, 64-bit, Patch Level (none)
110419.tuxmachine!GWWS.xxx.982393344.0: WSCFG_CAT:33: INFO: Get configuration for GWWS <GWWS2> successful.
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/path/to/directory/mycerts/root.pem"
110419.tuxmachine!GWWS.xxx.982393344.0: File open failed on Oracle Wallet "file:/path/to/directory/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:103: ERROR: Cannot setup SSL context.
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/path/to/directory/mycerts/root.pem"
110419.tuxmachine!GWWS.xxx.982393344.0: File open failed on Oracle Wallet "file:/path/to/directory/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.xxx.982393344.0: Created SSL listening connection for https://<TuxMach_hostname>:<port#>/AppName
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:1457: Created REST listening connection for http://<TuxMach_hostname>:1240
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:1699: ERROR: Could not open private key file "/path/to/directory/mycerts/root.pem"
110419.tuxmachine!GWWS.xxx.982393344.0: File open failed on Oracle Wallet "file:/path/to/directory/mycerts" and subsequent attempt to dynamically create security credentials failed
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:1460: Created REST listening connection for https://<TuxMach_hostname>:1250
110419.tuxmachine!GWWS.xxx.982393344.0: GWWS_CAT:19: INFO: GWWS started.

 

With environment variables ULOG_SSLINFO=Y and TUXNZTRACE=8191 used the nz trace file, trace-pid#.log, contains the following:

nziropen: entry
nzdfo_open: entry
snzdfo_open_file: entry
snzdfo_open_file: Opening file /path/to/directory/mycerts/ewallet.p12 with READ ONLY permissions
snzdfo_open_file: File Open/Close error
nzdfo_open: File Open/Close error
nziropen: rio open failed with error 28759
nzirclose: entry
nzdtrsr_store_certreq: nziropen() returned error 28759
nzhewRetrieveencwltBlob: exit
nztwOpenWallet: Could not open wallet from file:/path/to/directory/mycerts: NZ error 28759
nztwOpenWallet: exit

 

Changes

 Upgrade to Tuxedo and SALT 12.2.2

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.