Using stripe Other Than 'system' with syncKeyStores for WLS Fails with: JPS-06633 / oracle.security.jps.service.keystore.KeyStoreServiceException: Failed to load the keystore. Is 'system' stripe Required for WLS? (Doc ID 2292754.1)

Last updated on AUGUST 03, 2017

Applies to:

Oracle Platform Security for Java - Version 12.2.1.1.0 and later
Information in this document applies to any platform.

Goal

This document addresses questions regarding stripes while evaluating OPSS/KSS for WLS and integrated products/environments.

Following:
Oracle® Fusion Middleware Securing Applications with Oracle Platform Security Services
Chapter 12 Managing Keys and Certificates
Section 12.8.1 Using the syncKeyStores Command

In case of WebLogic Server (WLS), the keystores always have to be exported to a filestore using syncKeyStores.

When doing so, it only works if the stripe is 'system'.

Choosing to use some other stripe, e.g. 'udg-dev', returns errors:


1. Is there something special with stripe 'system'? / Is the reason for the strange behavior reported with this SR the stripe "system" itself?
2. Is there a dependency between 'syncKeyStores' and 'system'?
3. Is it not allowed to use a 'own' stripe for WLS? / When it recommended to use your own stripe, e.g. named 'mystripe'?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms