RSA Authentication Manager 8.x Web Tier is not listening on TCP port 443
2 years ago
Originally Published: 2015-05-15
Article Number
000060535
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x Web Tier
Issue
The web tier is not listening on port 443: the port does not appear in the list of active connections when a netstat command is issued. The web tier AdminServer.log shows:
<Error> <WebLogicServer> <ShortName> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default 
(self-tuning)'> <<WLS Kernel>> <> <> <1431553005608> <BEA-000297> <Inconsistent security configuration, 
weblogic.management.configuration.ConfigurationException: Identity certificate has expired: [
  Version: V3
  Serial Number: 
  SignatureAlgorithm: SHA1withRSA (1.2.840.113549.1.1.5)
  Issuer Name: SERIALNUMBER=17963287, CN=Go Daddy Secure Certification Authority, 
OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
  Validity From: Fri Apr 20 17:30:38 EDT 2012
           To:   Sat Apr 18 20:48:30 EDT 2015
  Subject Name: CN=*.'domain'.com, OU=Domain Control Validated, O=*.'domain'.com
  Key: RSA (1.2.840.113549.1.1.1)
    Key value: ...

<Emergency> <Security> <ShortName> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default 
(self-tuning)'> <<WLS Kernel>> <> <> <1431553005686> <BEA-090034> <Not listening for SSL, 
java.io.IOException: Identity certificate has expired: [
  Version: V3
  Serial Number: 22155402301514726
  SignatureAlgorithm: SHA1withRSA (1.2.840.113549.1.1.5)
  Issuer Name: SERIALNUMBER=17963287, CN=Go Daddy Secure Certification Authority, 
OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
  Validity From: Fri Apr 20 17:30:38 EDT 2012
           To:   Sat Apr 18 20:48:30 EDT 2015
  Subject Name: CN=*.'domain'.com, OU=Domain Control Validated, O=*.'domain'.com

The Authentication Manager imsTrace.log shows:
@@@2015-05-13 17:34:15,108, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], 
(EJBRemoteTarget.java:302), trace.com.rsa.command.EJBRemoteTargetBase, ERROR, ShortName.'domain'.com,,,,
Attempting downgraded connection protocol to EJB/2.1. 
@@@2015-05-13 17:34:26,030, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], 
(EJBRemoteTarget.java:316), trace.com.rsa.command.EJBRemoteTargetBase, ERROR, ShortName.'domain'.com,,,,
Unable to connect to downgraded EJB/2.1 command server.null
Cause
The virtual host certificate has expired. Secondarily, wildcard certificates are not supported.
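
As an added example (not RSA's code), the following parser scans AdminServer.log text for the two entries shown above and reports the certificate's expiry date, its Common Name, whether that name is a wildcard, and whether the entry says the SSL listener did not start. The sample log is constructed from the excerpt above with a placeholder domain, and the function name and result fields are assumptions made for illustration.

```python
import re
from datetime import datetime

# Constructed sample modelled on the AdminServer.log excerpt above; the domain
# is a placeholder and the thread/timestamp fields are shortened.
SAMPLE_LOG = """\
<Error> <WebLogicServer> <ShortName> <AdminServer> <BEA-000297> <Inconsistent security configuration,
weblogic.management.configuration.ConfigurationException: Identity certificate has expired: [
  Validity From: Fri Apr 20 17:30:38 EDT 2012
           To:   Sat Apr 18 20:48:30 EDT 2015
  Subject Name: CN=*.example.com, OU=Domain Control Validated, O=*.example.com
<Emergency> <Security> <ShortName> <AdminServer> <BEA-090034> <Not listening for SSL,
java.io.IOException: Identity certificate has expired: [
  Validity From: Fri Apr 20 17:30:38 EDT 2012
           To:   Sat Apr 18 20:48:30 EDT 2015
  Subject Name: CN=*.example.com, OU=Domain Control Validated, O=*.example.com
"""

MESSAGE_ID = re.compile(r"<(BEA-\d{6})>")
# Validity end line, e.g. "To:   Sat Apr 18 20:48:30 EDT 2015" (zone name is skipped).
NOT_AFTER = re.compile(r"^\s*To:\s+\w{3} (\w{3} +\d{1,2} [\d:]{8}) \w+ (\d{4})", re.M)
SUBJECT_CN = re.compile(r"Subject Name: CN=([^,\n]+)")

def find_expired_identity_certs(log_text):
    """Return one finding per log entry reporting an expired identity certificate."""
    findings = []
    # Cut the log at each BEA message id so certificate fields stay with their entry.
    starts = [m.start() for m in MESSAGE_ID.finditer(log_text)] + [len(log_text)]
    for begin, end in zip(starts, starts[1:]):
        entry = log_text[begin:end]
        if "Identity certificate has expired" not in entry:
            continue
        when, cn = NOT_AFTER.search(entry), SUBJECT_CN.search(entry)
        common_name = cn.group(1).strip() if cn else None
        findings.append({
            "message_id": MESSAGE_ID.match(entry).group(1),
            "ssl_listener_down": "Not listening for SSL" in entry,
            "not_after": datetime.strptime(" ".join(when.groups()), "%b %d %H:%M:%S %Y") if when else None,
            "common_name": common_name,
            "wildcard": bool(common_name) and common_name.startswith("*."),
        })
    return findings

if __name__ == "__main__":
    for f in find_expired_identity_certs(SAMPLE_LOG):
        print(f)
```

The expiry time is returned without a time zone, in the server's local time as the log printed it.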
Resolution
Replace the expired certificate. RSA recommends not using a wildcard certificate; instead, request a device certificate with a CSR for the specific fully qualified domain name (FQDN) of this server. The Common Name (CN) should equal the FQDN.

Alternatively, revert to the original RSA self-signed certificate by activating it in the Operations Console.