BEA WebLogic Admin Server for RSA Federated Identity Module (FIM) does not restart after adding a new DefaultKeyStore
Originally Published: 2004-09-08
Article Number
Applies To
RSA Federated Identity Manager (FIM) 2.0
Issue
WebLogic admin server log file, adminserver.log, shows the following exceptions/errors:
***************************************************************************
The WebLogic Server did not start up properly.
Exception raised:
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
***************************************************************************
Cause
WebLogic does not allow more than one DefaultKeyStore
Resolution
1. Make a backup of c:\RSASecurity\ before proceeding with the remaining steps below
2. Go to the directory c:\RSASecurity\CTFIMM\rsaappserver\config\csfdomain. In this directory, there should be 2 files: config.xml and config.booted. Rename config.xml to config.xml.notworking and config.booted to config.xml.
3. Delete the following directory and all subdirectories: c:\RSASecurity\CTFIMM\rsaapserver\config\csfdomain\userConfig\Security
4. Start WebLogic admin and managed servers
NOTE: Do not create a new default keystore in WebLogic without first removing the existing one
Workaround
Created a second DefaultKeyStore through WebLogic administration console
Related Articles
How to set up a MySQL driver jar file for data collection using WebLogic server using RSA Via Lifecycle and Governance Number of Views How to determine the version of Oracle WebLogic and dependencies in RSA Authentication Manager 8.x Number of Views A parameter cannot be found that matches parameter name Generation when installing RSA Authentication Manager 8.1 SP1 on M… Number of Views RSA Authentication Manager 8.x Web Tier is not listening on TCP port 443 Number of Views Unable to install RSA Authentication Manager Web Tier on Microsoft Windows Server Number of Views
Trending Articles
RSA Authentication Manager 8.3 Dell 630 and 230 hardware appliance loses ability to access keyboard when running PING 4.0 … RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows Troubleshooting RSA MFA Agent for Microsoft Windows RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
