无论我做什么,WebSphere 7 SSL 错误都不会消失?
我安装了 WebSphere 7.0 和 RAD 7.5。更新了 WAS 以修复包 11 并更新 RAD。 7.5.5。最新更新..等等...
- 我创建一个服务器配置文件。
- 我启动服务器。
- 我打开全局安全性并使用 LDAP。 (我已经做过十亿次了)
- 我什至不尝试发布应用程序。
- 服务器每两分钟不断地调试此消息。
你怎样让它停止?我尝试过制作新钥匙不起作用,我吹掉了配置文件并制作了一个新钥匙。什么都不起作用。没有什么。服务器以 400 MB 运行,未安装应用程序。这应该是正常的吗? 400 MB 且未发布应用程序?
服务器配置文件创建向导将这些无意义的 SSL 强制写入配置中。
这里究竟发生了什么?
我很想利用 IBM 提供的最新服务器技术,但它似乎是开箱即用的。 5 个修复包之后,它仍然损坏。
[8/25/10 8:12:44:896 CDT] 0000000b SSLHandshakeE E SSLC0008E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.ibm.jsse2.b.a(b.java:34)
at com.ibm.jsse2.pc.a(pc.java:155)
at com.ibm.jsse2.pc.unwrap(pc.java:104)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:17)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.readyInbound(SSLConnectionLink.java:531)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.ready(SSLConnectionLink.java:291)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1550)
I installed WebSphere 7.0 and RAD 7.5. Updated WAS to fix pack 11 and update RAD. 7.5.5. latest updates..etc...
- I create a server profile.
- I start the server.
- I turn on global security and use LDAP. (something I have done a billion times)
- I don't even attempt to publish an application.
- The server constantly debugs out this message every two minutes.
How do you make it stop? I have tried making new keys doesn't work, I blow away the profile and make a new one. Nothing works. Nothing. The server is running at 400 MB without an application installed. Is this supposed to be normal? 400 MB with no app published?
The server profile creation wizard forces this SSL nonsense into the config.
What's really going on here?
I would love to utilize the latest server technology IBM has to offer but it seems to be broken right out of the box, out of the gate. 5 fix packs later and it's still broken.
[8/25/10 8:12:44:896 CDT] 0000000b SSLHandshakeE E SSLC0008E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.ibm.jsse2.b.a(b.java:34)
at com.ibm.jsse2.pc.a(pc.java:155)
at com.ibm.jsse2.pc.unwrap(pc.java:104)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:17)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.readyInbound(SSLConnectionLink.java:531)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.ready(SSLConnectionLink.java:291)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1550)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(10)
我错了。无论以哪种方式创建它都会导致问题。 (运行 pmt.bat 或通过 rad 工具)。
真正的问题不是将全局安全内容复制为安全域。基本上你去安全> 安全域 >然后单击从全局安全选项复制。
这太疯狂了。为什么不简单地让愚蠢的向导询问您是否也希望发生这种情况??? IBM 激怒了我。
I was wrong. Creating it from either way causes the issue. (running the pmt.bat or through the rad tool).
The real issue was not copying the global security stuff as a security domain. Basically you go to Security > Security Domains > then click the Copy from Global Security option.
This is just crazy. Why not simply have the goofy wizard ask if you would like this to happen also??? IBM infuriates me.
我通过在服务器屏幕中启用安全性来解决此问题。
打开服务器视图,双击服务器,展开安全性,启用“安全性已在此服务器中启用”并提供用户 ID + 密码。此后问题就消失了。
由于某种原因,即使我通过管理控制台启用了它,它也被禁用了。
I solve this issue by enabling security in the server screen.
Open the Servers view, double click on the server, expand security, enable "Security is enabled in this server" and provide a user ID + password. After this the problem went away.
For some reason it was disabled even though I enabled it through the admin console.
为时已晚,但可能会帮助像我这样的其他人:)
同意上面 Peter 的观点,它的 IDE 检查服务器的状态。
您需要将证书“X”(即
exportedCertificate.cer)添加到 JRE 密钥库。为此,请在 Windows CMD 窗口中运行以下命令:证书“X”是 Websphere 服务器中的默认证书。您可以通过 IBM 控制台查找并导出它。另一种方法是在浏览器中点击 HTTPS url,然后以 DER 格式从浏览器导出。
Its too late but may be it helps others like me :)
Agree with Peter above, its IDE which checks status from server..
You need to add the certificate 'X' i.e.
exportedCertificate.certo JRE keystore. To do this, run this command in a Windows CMD window:Certificate 'X' is the default certificate in your Websphere server. You can find and export it through IBM console. Alternative is to hit HTTPS url at browser and export it from browser in DER format.
我发现这个解决方案最适合我。
http://wiing.fr/websphere-application-server-ssl-错误/I found that this solution worked best for me.
http://wiing.fr/websphere-application-server-ssl-error/您的应用程序服务器正在尝试在非 ssl 端口上建立 ssl 连接。实时查看的一个简单方法是尝试使用 http 但使用 ssl 端口访问管理控制台。
如果您使用标准端口,您可以尝试以下操作:
http://localhost:9043/ibm/console/
Your app server is trying to establish a ssl connection on a port that is not ssl. An easy way to see it live is trying to access the admin console using http but using the ssl port.
If you use the standard ports you can try this:
http://localhost:9043/ibm/console/
在大多数情况下,这是由于 SSL 证书过期造成的。转至:
并查看
key.p12和trust.p12文件。检查创建/修改日期。它通常会大一岁以上。这意味着它已过期,因为上述文件的有效期通常仅为 1 年。解决方案
删除整个 websphere 服务器配置文件(这将删除
C:\Program Files (x86)\IBM\WebSphere\AppServer\profiles\AppSrv01下的所有内容并创建一个新的。这将清除 < code>key.p12 和trust.p12文件以及其他文件,并创建新的key.p12和trust.p12创建新配置文件时从您同事的计算机(其密钥文件)复制
key.p12和trust.p12。 key.p12 和trust.p12)未过期。您还可以使用 iKeyman 工具续订key.p12。In most cases, this is due to expired SSL Certificate. Go to:
and see
key.p12andtrust.p12files. Check the created/modified date. It will typically be more than 1 year older. This means it's expired as typically above files are valid for 1 year only.Solution
Delete entire websphere server profile (which will delete everything under
C:\Program Files (x86)\IBM\WebSphere\AppServer\profiles\AppSrv01and create a new. this will wipe outkey.p12andtrust.p12files along with other files and create a newkey.p12andtrust.p12files when you create new profile.Copy
key.p12andtrust.p12from your colleague's machine whose key files(key.p12andtrust.p12) are not expired. You can also use iKeyman tool to renewkey.p12.此错误可能是由您的 IDE(让它是 Rational Application Developer RAD、Rational Software Architect RSA 或普通 Eclipse)引起的,该 IDE 正在尝试更新“服务器视图”中的服务器状态。
正如这里有人已经说过的,IDE 对 WebSphere Application Server 控制台的调用失败,因为它格式错误:
由于您的 IDE 尝试定期更新状态,因此服务器会经常打印此错误消息。
在我的例子中,有效的方法是从“服务器视图”中删除服务器(右键单击 - 删除)和 添加一个新的(右键单击 - 新建)。
This error may be caused by your IDE (let it be Rational Application Developer RAD, Rational Software Architect RSA or plain Eclipse), which is trying to update the server status in the "Servers View".
As somebody here already said, the IDE's call to WebSphere Application Server's console fails, because it's malformed:
Since your IDE tries to update the status regularly, the server prints this error message as often.
What worked in my case, was to remove the server from the "Servers View" (Right click - delete) and add a new one (Right click - new).
就我而言,我的 IDE 不使用 IBM 的 JRE 运行。既然是日食。所以我更新了 eclipse.ini 以包含
In my case, my IDE is not run with IBM's JRE. Since it's eclipse. so i update the eclipse.ini to include
我也面临这个问题。终于解决了这个问题。以下步骤可能会有所帮助。
删除您之前创建的配置文件。
IBM/AppServer/bin/manageprofiles.bat -listProfilesIBM/AppServer/bin/manageprofiles.bat -delete ProfileName< kbd>Windows-->开始-->服务 查找任何正在后台运行的 IBM WebSphere 服务器。尝试停止它们并重新启动服务器。
I also faced this issue . finally sorted out this issue. Below are the steps may helpful.
delete the profiles which you have created earlier.
IBM/AppServer/bin/manageprofiles.bat -listProfilesIBM/AppServer/bin/manageprofiles.bat -delete ProfileNameWindows-->Start-->Services find any IBM WebSphere servers are running background. try to stop them and restart the server.
修改 eclipse.ini 以显式使用 IBM JRE,如下所示:
重新启动 Eclipse 并重新启动 IBM Websphere Application Server 以解决问题。
Modify your eclipse.ini to explicitly use the IBM JRE as follows:
Restart Eclipse and Restart your IBM Websphere Application Server to fix the issue.