BEA WebLogic Admin Server for RSA Federated Identity Module (FIM) does not restart after adding a new DefaultKeyStore
Originally Published: 2004-09-08
Article Number
Applies To
RSA Federated Identity Manager (FIM) 2.0
Issue
WebLogic admin server log file, adminserver.log, shows the following exceptions/errors:
***************************************************************************
The WebLogic Server did not start up properly.
Exception raised:
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
***************************************************************************
Cause
WebLogic does not allow more than one DefaultKeyStore
Resolution
1. Make a backup of c:\RSASecurity\ before proceeding with the remaining steps below
2. Go to the directory c:\RSASecurity\CTFIMM\rsaappserver\config\csfdomain. In this directory, there should be 2 files: config.xml and config.booted. Rename config.xml to config.xml.notworking and config.booted to config.xml.
3. Delete the following directory and all subdirectories: c:\RSASecurity\CTFIMM\rsaapserver\config\csfdomain\userConfig\Security
4. Start WebLogic admin and managed servers
NOTE: Do not create a new default keystore in WebLogic without first removing the existing one
Workaround
Created a second DefaultKeyStore through WebLogic administration console
Related Articles
How to set up a MySQL driver jar file for data collection using WebLogic server using RSA Via Lifecycle and Governance Number of Views How to determine the version of Oracle WebLogic and dependencies in RSA Authentication Manager 8.x Number of Views A parameter cannot be found that matches parameter name Generation when installing RSA Authentication Manager 8.1 SP1 on M… Number of Views RSA Authentication Manager 8.x Web Tier is not listening on TCP port 443 Number of Views RSA Identity Governance & Lifecycle log message "Could not find new XAResource" in server.log file Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
Don't see what you're looking for?
