BEA WebLogic Admin Server for RSA Federated Identity Module (FIM) does not restart after adding a new DefaultKeyStore
Originally Published: 2004-09-08
Article Number
Applies To
RSA Federated Identity Manager (FIM) 2.0
Issue
WebLogic admin server log file, adminserver.log, shows the following exceptions/errors:
***************************************************************************
The WebLogic Server did not start up properly.
Exception raised:
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.
at weblogic.management.security.RealmImpl.validate(RealmImpl.java:42)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:928)
at weblogic.management.commo.CommoProxy.invoke(CommoProxy.java:384)
at $Proxy57.validate(Unknown Source)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:643)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
--------------- nested within: ------------------
weblogic.security.service.SecurityServiceRuntimeException: Security Realm [myrealm] improperly configured - with nested exception:
[Realm myrealm not properly configured.
The realm has more than one trusted CA keystore configured.
The realm has more than one private key keystore configured.]
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:647)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:620)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:742)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:530)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:917)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
***************************************************************************
Cause
WebLogic does not allow more than one DefaultKeyStore
Resolution
1. Make a backup of c:\RSASecurity\ before proceeding with the remaining steps below
2. Go to the directory c:\RSASecurity\CTFIMM\rsaappserver\config\csfdomain. In this directory, there should be 2 files: config.xml and config.booted. Rename config.xml to config.xml.notworking and config.booted to config.xml.
3. Delete the following directory and all subdirectories: c:\RSASecurity\CTFIMM\rsaapserver\config\csfdomain\userConfig\Security
4. Start WebLogic admin and managed servers
NOTE: Do not create a new default keystore in WebLogic without first removing the existing one
Workaround
Created a second DefaultKeyStore through WebLogic administration console
Related Articles
How to set up a MySQL driver jar file for data collection using WebLogic server using RSA Via Lifecycle and Governance 79Number of Views How to determine if a dependent package is installed or missing in a target host environment 3Number of Views How to determine the version of Oracle WebLogic and dependencies in RSA Authentication Manager 8.x 314Number of Views WorkPoint.log and heap dumps are written to the Linux root directory ( / ) on WebSphere and WebLogic implementations of RS… 152Number of Views RSA Authentication Manager 8.x Web Tier is not listening on TCP port 443 731Number of Views
Trending Articles
RSA Authentication Manager 8.9 Setup and Configuration Guide How to 'Trust' the RSA Authentication Manager Security Console Self-Signed Root CA certificate and prevent Cert warnings. RSA Authentication Manager 8.9 Release Notes (January 2026) Configure RSA Authentication Manager as a Secure Proxy Server for Cloud Access Service RSA Authentication Manager Upgrade Process
Don't see what you're looking for?