Changing hostname/IP for Weblogic 11g
来源:互联网 发布:心内事无人知谐音歌词 编辑:程序博客网 时间:2024/06/06 10:06
Changing hostname/IP for Weblogic 11g
Recently I had to migrate two VMs hosting SOA/WebCenter 11g respectively from our US centers to India centers. This involved change in the hostname/IP of the two servers. Now the process is already documented @http://download.oracle.com/docs/cd/E12839_01/core.1111/e10105/host.htm#CHDGEDCF.
But as is with all documents, not everything is documented!
The startManagedServer.sh script has the URL of the AdminServer hard-coded. So you have to change that too. Having done this, start the nodemanager.
When you start your nodemanager, you might encounter the below error (in the AdminServer logfile):
BEA-090504 - Certificate chain received from localhost - 127.0.0.1 failed hostname verification check. Certificate contained xyz.abc.com but check expected localhost
OR
BEA-090482 - BAD_CERTIFICATE alert was received from localhost.localdomain - 127.0.0.1. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.
There are two ways to solve it.
1. Disable Flags - Jugaad way ;)
Put the following flags at the right places.
Node Manager: -Dweblogic.nodemanager.sslHostNameVerificationEnabled=false
Admin Server: -Dweblogic.security.SSL.ignoreHostnameVerification=true
2. Recreate the Certificates - The recommended way.
Node manager by default uses the WebLogic demo identity keystore. The keystore is generated at install time using the CertGen utility. The generated private key uses the common name (cn) resolved by Java.
2.1 Set the PATH
. $WL_HOME/server/bin/setWLSEnv.sh
2.2 Backup DemoIdentity.jks under $WL_HOME/server/lib
2.3 Generate the private key.
java utils.CertGen -cn hostname -keyfilepass DemoIdentityPassPhrase -certfile newcert -keyfile newkey
2.4 Import the key generated above to the keystore.
java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile newkey.pem -keyfilepass DemoIdentityPassPhrase -certfile newcert.pem -alias demoidentity
2.5 Copy DemoIdentity.jks to $WL_HOME/server/lib
2.6 Restart your nodemanager.
That's it !
- Changing hostname/IP for Weblogic 11g
- Solaris 11: changing the hostname
- eclipse web.xml for weblogic 11g
- IP for 4G
- weblogic 11 g安装
- Oracle 11g & WebLogic 11g 研究
- weblogic portal 11g 集群
- WebLogic 11g默认用户密码
- WebLogic 11g重置用户密码
- WebLogic 11g重置用户密码
- weblogic 11g 配置集群
- WebLogic 11g重置用户密码
- linux 安装weblogic 11g
- Installation Guide for Oracle WebLogic Server 11g Release 一 (10.3.3)
- Ip to hostname
- 通过hostname获取IP
- 验证IP和HostName
- Modify the VIP or VIP Hostname for a 10g Oracle Clusterware
- UITapGestureRecognizer
- OSCACHE集群功能
- TCP协议疑难杂症全景解析
- 感触
- RHEL-5.4 i386安装tomcat 6
- Changing hostname/IP for Weblogic 11g
- GXT之旅:第一章:初识ExtGWT(1)——简介
- 你妹的,模拟QQ邮箱登录提示用户名或密码错误。
- Beej’s Guide Network to Programming 系列连载13
- 资源连接2
- oracle外连接和(+)用法
- private inheritance是怎么回事,解释得比较到位
- openssl之stack学习
- csdn C论坛的学习记录
Hi Rb,
I cloned my old WL server to a new server using Mono.
After that i got the same certificate problem when starting the new WL, so i tried your 2nd option to re-generate CA. However I stucked at step 3 with this error:
Exception in thread "Main Thread" java.lang.NoClassDefFoundError: utils/CertGen
Could not find the main class: utils.CertGen. Program will exit.
Could you please advise me how to fix this problem. Thank you
Could not find the main class: utils.CertGen
TuanNA,
if setWLSEnv.sh isn't setting the environment variables, export them with the script's output.
In Linux:
export CLASSPATH=...............
export PATH=....................
You should add java utils.CertGen -cn other wise it will throw the below error.
Unknown option: DemoIdentityPassPhrase
Usage: java utils.CertGen
-certfile -keyfile
-keyfilepass
[-cacert ][-cakey ]
[-cakeypass ]
[-selfsigned][-strength ]
[-e ][-cn ]
[-ou ][-o ]
[-l ][-s ][-c ]
[-keyusage [digitalSignature,nonRepudiation,keyEncipherment
dataEncipherment,keyAgreement,keyCertSign,
cRLSign,encipherOnly,decipherOnly]]
[-keyusagecritical true|false]
[-subjectkeyid ]
[-subjectkeyidformat UTF-8|BASE64]
[-help]