weblogic NodeManager的 [Security:090482]BAD_CERTIFICATE alert 错误

最新推荐文章于 2022-10-21 11:20:22 发布

rocklei123

最新推荐文章于 2022-10-21 11:20:22 发布

阅读量5.9k

点赞数

分类专栏： Weblogic 文章标签： weblogic nodeManager Security090482

Weblogic 专栏收录该内容

38 篇文章 0 订阅

订阅专栏

之前由于虚拟机换了ip，所以出现了如下错误：

<Sep 12, 2013 4:17:12 AM BRT> <Warning> <Security> <BEA-090482> <BAD_CERTIFICATE alert was received from 192.168.1.127 - 192.168.1.127. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.> 
<Sep 12, 2013 4:17:12 AM> <WARNING> <Uncaught exception in server handlerjavax.net.ssl.SSLKeyException: [Security:090482]BAD_CERTIFICATE alert was received from 192.168.1.127 - 192.168.1.127. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.>
javax.net.ssl.SSLKeyException: [Security:090482]BAD_CERTIFICATE alert was received from 192.168.1.127 - 192.168.1.127. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.
	at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
	at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertReceived(Unknown Source)
	at com.certicom.tls.record.alert.AlertHandler.handle(Unknown Source)
	at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
	at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
	at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
	at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
	at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
	at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
	at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
	at com.certicom.tls.record.ReadHandler.read(Unknown Source)
	at com.certicom.io.InputSSLIOStreamWrapper.read(Unknown Source)
	at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:264)
	at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:306)
	at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:158)
	at java.io.InputStreamReader.read(InputStreamReader.java:167)
	at java.io.BufferedReader.fill(BufferedReader.java:136)
	at java.io.BufferedReader.readLine(BufferedReader.java:299)
	at java.io.BufferedReader.readLine(BufferedReader.java:362)
	at weblogic.nodemanager.server.Handler.run(Handler.java:70)
	at java.lang.Thread.run(Thread.java:619)

1.修改adminserver的ssl默认参数Hostname Verification:None

2.startWeblogic.cmd中追加:
set JAVA_OPTIONS=%JAVA_OPTIONS% -Dweblogic.security.SSL.ignoreHostnameVerification=true

Admin Server and Other managed Servers (Startup Scripts):
-Dweblogic.security.SSL.ignoreHostnameVerification=true

For Node Manager (in startNodeManager.sh):
-Dweblogic.nodemanager.sslHostNameVerificationEnabled=false

我只用了第一种就解决了，设置Hostname Verification None 重启管理server，问题解决。

参考地址：https://forums.oracle.com/thread/1031567

http://tonydlut.iteye.com/blog/1291326