My Oracle Support Banner

Siebel Server & Tomcat Servers Failed to Start with Error "java.lang.IllegalArgumentException: Illegal character in opaque part at index 2" Post Renewal of Certificates (Doc ID 2980042.1)

Last updated on OCTOBER 12, 2023

Applies to:

Siebel CRM - Version 19.8 and later
Information in this document applies to any platform.

Symptoms

Siebel servers & tomcat services failing to start post renewal of certificates & deploying new JKS files. Since the certificates are going to expire, new certificates are created and imported in to new JKS.

Post copying the new JKS files into tomcat location of $applicationcontainer$/siebelcerts location, unable to start tomcat successfully. It is failing with below error:

catalina.xxxx.log

06-Oct-2023 04:55:53.716 SEVERE [main] org.apache.tomcat.util.net.SSLUtilBase.getStore Failed to load keystore type [JKS] with path [E:\Siebel\ses\applicationcontainer\siebelcerts\prod_siebelkeystore.jks] due to [Illegal character in opaque part at index 2: E:\Siebel\ses\applicationcontainer\siebelcerts\prod_siebelkeystore.jks]
java.lang.IllegalArgumentException: Illegal character in opaque part at index 2: E:\Siebel\ses\applicationcontainer\siebelcerts\prod_siebelkeystore.jks
at java.net.URI.create(URI.java:852)
at java.net.URI.resolve(URI.java:1036)
at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getURI(CatalinaBaseConfigurationSource.java:138)
at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getResource(CatalinaBaseConfigurationSource.java:102)

 

The issue can be reproduced by following below steps

1. Create new JKS and certificate request with same password as earlier, reference steps: Creating Self-Signed SSL Certificates for Siebel Innovation Pack 2017

NOTE: Self-signed certificates are not recommended for production instance.

2. Send CSR to CA vendor to sign it with RootCA

3. Once signed certificate provided, import the same to JKS

4. Copy the JKS to $applicationcontainer/siebelcerts

 



Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.