OPSS - Unable Start Admin Server Showing OPSS Java security policy provider failed, JPS-01050 and PKI-02002 Caused By SecurityException Cannot locate policy or framework files! (Doc ID 2270349.1)

Last updated on MAY 30, 2017

Applies to:

Oracle Platform Security for Java - Version 12.2.1.2.0 and later
Information in this document applies to any platform.

Symptoms

Unable start Admin Server showing OPSS java security policy provider failed

Error:

 

####<May 21, 2017 7:47:02 PM EDT> <Critical> <WebLogicServer> <c1debsvap01.ert.com> <AdminServer> <main> <<WLS Kernel>> <> <> <1495410422550> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1402)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:888)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.security.jps.JpsRuntimeException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:190)
at oracle.security.jps.internal.policystore.TenantJavaPolicyProvider.<init>(TenantJavaPolicyProvider.java:161)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:306)
.............
Caused By: oracle.security.jps.JpsException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPDPService(PolicyUtil.java:3180)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3480)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3466)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:188)
at oracle.security.jps.internal.policystore.TenantJavaPolicyProvider.<init>(TenantJavaPolicyProvider.java:161)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:306)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:279)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
..............
Caused By: oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:189)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.doInit(SspCredentialStore.java:378)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:193)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:177)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:182)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:130)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:89)
..................
Caused By: java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
at oracle.security.pki.OracleWallet.open(Unknown Source)
at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:177)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.doInit(SspCredentialStore.java:378)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:193)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:177)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:182)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:130)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:89)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:63)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServiceInstance(ContextFactoryImpl.java:139)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:170)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:191)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:132)
..................
Caused By: java.lang.ExceptionInInitializerError
at javax.crypto.Mac.getInstance(Mac.java:176)
at oracle.security.crypto.cert.PKCS12.verify(PKCS12.java:406)
at oracle.security.pki.OracleKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSSOKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSecretStore.load(Unknown Source)
at oracle.security.pki.OracleWallet.getSecretStore(Unknown Source)
at oracle.security.pki.OracleWallet.open(Unknown Source)
at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:177)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.doInit(SspCredentialStore.java:378)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:193)
................
Caused By: java.lang.SecurityException: Can not initialize cryptographic mechanism
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:86)
at javax.crypto.Mac.getInstance(Mac.java:176)
at oracle.security.crypto.cert.PKCS12.verify(PKCS12.java:406)
at oracle.security.pki.OracleKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSSOKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSecretStore.load(Unknown Source)
at oracle.security.pki.OracleWallet.getSecretStore(Unknown Source)
at oracle.security.pki.OracleWallet.open(Unknown Source)
at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:177)
..........
Caused By: java.lang.SecurityException: Cannot locate policy or framework files!
at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:256)
at javax.crypto.JceSecurity.access$000(JceSecurity.java:48)
at javax.crypto.JceSecurity$1.run(JceSecurity.java:78)
at java.security.AccessController.doPrivileged(Native Method)
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:76)
at javax.crypto.Mac.getInstance(Mac.java:176)
at oracle.security.crypto.cert.PKCS12.verify(PKCS12.java:406)
at oracle.security.pki.OracleKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSSOKeyStoreSpi.engineLoad(Unknown Source)
at oracle.security.pki.OracleSecretStore.load(Unknown Source)
............

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms