Cannot Start Opmn Processes After Configuring TLS 1.2

(Doc ID 2408594.1)

Last updated on JULY 04, 2018

Applies to:

Oracle E-Business Suite Technology Stack - Version 12.1.3 and later
Information in this document applies to any platform.

Symptoms


Problem Summary
---------------------------------------------------
Cannot start opmn processes after configuring the production server for TLS 1.2

Problem Description
---------------------------------------------------
Migrated Oracle EBS production server that runs iStore, iRecruitment, Oracle Self Service, etc. from a Windows 2003 server to Windows 2012 (Note 1188535.1). The opmn processes all started. Took opmn process down and then configured the server for TLS 1.2. If the custom files are present in the FND_TOP \...\ template\custom folder (per the note for Enabling TLS 1.2 376700.1), the opmn processes do not start. If they're removed, the opmn starts.

The server was ssl enabled. Now moving to TLS 1.2. This is needed for this server that resides in DMZ to talk to the Paypal Gateway Server.
*****************
Moved from SSL to TLS 1.2.
Remove the PEM phrase from server.key to make the opmn processes start with the custom files in place.

The server.key file for production also had the password removed. But this didn't allow the OPMN processes to start with the custom files in the template\custom folder as it did with the test server that also resides in DMZ. Had to remove them until we find a solution.

HTTP_Server~1.log:

--------
18/05/26 08:31:35 Start process
--------
WARNING: StartServers has no effect on Win32
[Sat May 26 08:31:35 2018] [notice] User directive has no affect on Win32
running...
8/05/26 08:40:43 Stop process
--------
WARNING: StartServers has no effect on Win32
[Sat May 26 08:40:43 2018] [notice] User directive has no affect on Win32

--------
18/05/23 05:17:27 Start process
--------
WARNING: StartServers has no effect on Win32
[Wed May 23 05:17:27 2018] [notice] User directive has no affect on Win32
[Wed May 23 05:17:27 2018] [warn] pid file f:/oracle/inst/apps/or15_websrvor15/pids/10.1.3/apache/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed May 23 05:17:28 2018] [error] mod_ssl: Init: (host.domain:8000) Unable to configure RSA server private key (OpenSSL library error follows)
[Wed May 23 05:17:28 2018] [error] OpenSSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Changes

Migrate from Windows 2003 server to Windows 2012

Moved from SSL to TLS 1.2

Remove the PEM phrase from server.key to make the opmn processes start with the custom files in place

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms