WLST FAILS TO CONNECT TO NODEMANAGER IN STANDALONE OHS 12.1.3 DOMAIN ON AIX 7.1
(Doc ID 2484471.1)
Last updated on AUGUST 06, 2020
Applies to:Oracle HTTP Server - Version 220.127.116.11.0 to 18.104.22.168.0 [Release 12c]
Oracle WebLogic Server - Version 22.214.171.124.0 to 126.96.36.199.0 [Release 12c]
IBM AIX on POWER Systems (64-bit)
In 12.1.3 standalone OHS, a scaled down domain is created. There is no Weblogic Server,
but there is still the WLS components nodemanager and wlst.
Configured the Nodemanager to use only TLSv1.2 by setting -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2 in the DOMAIN_HOME/bin/startNodeManager.sh
After setting and testing, determined that TLSv1.0, TLSv1.1 and TLSv1.2 were
all being allowed by the nodemanager.
To get past this, apply the 12.1.3 PSU (tested both 28298916-188.8.131.52.181016 and 27919943-184.108.40.206.180717) After this, the
nodmenager allows only TLSv1.2 and blocks TLSv1.0 and TLSv1.1
However, after applying the PSUs, wlst is unable to connect to the nodemanager.
Whether trying to start the OHS using DOMAIN_HOME/bin/startComponent.sh ohs1 or running the wlst.sh and then running nmConnect...they both give the same error.
So there is something in the PSU patches that is causing the SSL handshake
issue between wlst and nodemanager.
To see if it may be something specific to an OHS 12.1.3 domain, tested against a 12.1.3 Infrastructure (WLS is included) with a collocated OHS
Determined the same issue occurs when configuring the Nodemanager to use only
TLS v1.2. Nodemanager allowed both TLS v1.1 and TLS v1.2 but not TLSv1.0
Applied PSU 28298916 and determined that wlst could make a connection to the
nodmenager through the wlst shell and when starting the OHS.
So it does appear to be an issue with wlst only in the OHS standalone install.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document