000014649 - Admin Server fails to start after replacing a server certificate

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014649
Applies ToRSA Authentication Manager 7.1 SP4
RSA SecurID Appliance 3.0.4
SHA384, SHA512
IssueAfter replacing a server certificate of AM Admin Server fails to start.
In the AdminServer.out:
<Feb 25, 2013 4:21:22 PM WET> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: 
There are 1 nested errors:
java.io.IOException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.13
The Weblogic of the AM 7.1 does not support certificates with hashing algorithm SHA512 (OID = 1.2.840.113549.1.1.13). 
This also applies to all CA certificates in the chain.
ResolutionNo workaround so far.
Legacy Article IDa62653