was6portal配置ssl后启动不了?帮忙看下
按照portal与AD配置的文档步骤完成后,在AD增加用户后能成功登录portal,由于想通过portlet来实现对AD的用户操作,还需配置ssl,按照文档在AD服务器上安装IIS和CA证书,并下载到portal服务器,通过was的ikeyman将证书导入,将was的ldap的ssl启用,结果不能启动was、portal,错误日志如下:
was:
Caused by: com.ibm.websphere.security.CustomRegistryException: simple bind failed: ××××.com:636
... 43 more
Caused by: javax.naming.CommunicationException: simple bind failed: ×××××.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found]
poratl:
09-4-16 16:31:50:041 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:051 CST] 0000000a UserRegistryI A SECJ0136I: ¶¨ÖÆ×¢²á±í com.ibm.ws.security.registry.ldap.LdapRegistryImpl Òѳõʼ»¯
[09-4-16 16:31:50:161 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:181 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:211 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:281 CST] 0000000a LdapRegistryI E SECJ0352E: ÓÉÓÚÏÂÁÐÒì³£ {1} ¶øµ¼ÖÂÎÞ·¨»ñÈ¡Æ¥Åäģʽ CN=*admin,CN=Users,DC=**,DC=**,DC=com µÄÓû§¡£
[09-4-16 16:31:50:301 CST] 0000000a LdapRegistryI E SECJ0336E: ÓÉÓÚÏÂÁÐÒì³£ {1} ¶øµ¼ÖÂÓû§ CN=*admin,CN=Users,DC=**,DC=**,DC=com µÄÈÏ֤ʧ°Ü
[09-4-16 16:31:50:311 CST] 0000000a LTPAServerObj E SECJ0369E: ʹÓà LTPA ʱÈÏ֤ʧ°Ü¡£Ò쳣Ϊ simple bind failed: ****:636¡£
[09-4-16 16:31:50:382 CST] 0000000a distContextMa E SECJ0270E: ÎÞ·¨»ñȡʵ¼ÊµÄƾ֤¡£Ò쳣Ϊ javax.naming.CommunicationException: simple bind failed: ****:636. Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.bx.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.v.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.l(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.f.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:86)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:144)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:420)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:351)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:210)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2657)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:307)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.InitialContext.(InitialContext.java:209)
at javax.naming.directory.InitialDirContext.(InitialDirContext.java:94)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getDirContext(LdapRegistryImpl.java:2314)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1806)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1736)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getUsers(LdapRegistryImpl.java:1179)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.checkPassword(LdapRegistryImpl.java:290)
at com.ibm.ws.security.registry.UserRegistryImpl.checkPassword(UserRegistryImpl.java:296)
at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPAServerObject.java:573)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:437)
at com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy.login(WSLoginModuleProxy.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:351)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:376)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:1047)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:887)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:878)
at com.ibm.ws.security.auth.distContextManagerImpl.getServerSubjectInternal(distContextManagerImpl.java:2164)
at com.ibm.ws.security.core.distSecurityComponentImpl.initializeServerSubject(distSecurityComponentImpl.java:1928)
at com.ibm.ws.security.core.distSecurityComponentImpl.initialize(distSecurityComponentImpl.java:341)
at com.ibm.ws.security.core.distSecurityComponentImpl.startSecurity(distSecurityComponentImpl.java:298)
at com.ibm.ws.security.core.SecurityComponentImpl.startSecurity(SecurityComponentImpl.java:101)
at com.ibm.ws.security.core.ServerSecurityComponentImpl.start(ServerSecurityComponentImpl.java:279)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:820)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:649)
at com.ibm.ws.runtime.component.ApplicationServerImpl.start(ApplicationServerImpl.java:149)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:820)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:649)
at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:408)
at com.ibm.ws.runtime.WsServerImpl.bootServerContainer(WsServerImpl.java:187)
at com.ibm.ws.runtime.WsServerImpl.start(WsServerImpl.java:133)
at com.ibm.ws.runtime.WsServerImpl.main(WsServerImpl.java:387)
at com.ibm.ws.runtime.WsServer.main(WsServer.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.ibm.ws.bootstrap.WSLauncher.run(WSLauncher.java:219)
at java.lang.Thread.run(Thread.java:570)
Caused by: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.util.f.b(Unknown Source)
at com.ibm.jsse2.util.f.b(Unknown Source)
at com.ibm.jsse2.util.d.a(Unknown Source)
at com.ibm.jsse2.bo.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(Unknown Source)
... 71 more
---- Begin backtrace for Nested Throwables
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.bx.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
was:
Caused by: com.ibm.websphere.security.CustomRegistryException: simple bind failed: ××××.com:636
... 43 more
Caused by: javax.naming.CommunicationException: simple bind failed: ×××××.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found]
poratl:
09-4-16 16:31:50:041 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:051 CST] 0000000a UserRegistryI A SECJ0136I: ¶¨ÖÆ×¢²á±í com.ibm.ws.security.registry.ldap.LdapRegistryImpl Òѳõʼ»¯
[09-4-16 16:31:50:161 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:181 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:211 CST] 0000000a LdapRegistryI A SECJ0418I: ²»ÄÜÁ¬½ÓÖÁ LDAP ·þÎñÆ÷ [url=ldap://****:636¡£/]ldap://****:636¡£[/url]
[09-4-16 16:31:50:281 CST] 0000000a LdapRegistryI E SECJ0352E: ÓÉÓÚÏÂÁÐÒì³£ {1} ¶øµ¼ÖÂÎÞ·¨»ñÈ¡Æ¥Åäģʽ CN=*admin,CN=Users,DC=**,DC=**,DC=com µÄÓû§¡£
[09-4-16 16:31:50:301 CST] 0000000a LdapRegistryI E SECJ0336E: ÓÉÓÚÏÂÁÐÒì³£ {1} ¶øµ¼ÖÂÓû§ CN=*admin,CN=Users,DC=**,DC=**,DC=com µÄÈÏ֤ʧ°Ü
[09-4-16 16:31:50:311 CST] 0000000a LTPAServerObj E SECJ0369E: ʹÓà LTPA ʱÈÏ֤ʧ°Ü¡£Ò쳣Ϊ simple bind failed: ****:636¡£
[09-4-16 16:31:50:382 CST] 0000000a distContextMa E SECJ0270E: ÎÞ·¨»ñȡʵ¼ÊµÄƾ֤¡£Ò쳣Ϊ javax.naming.CommunicationException: simple bind failed: ****:636. Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.bx.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.w.a(Unknown Source)
at com.ibm.jsse2.v.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.l(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.f.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:86)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:144)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:420)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:351)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:210)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2657)
at com.sun.jndi.ldap.LdapCtx.
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:190)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:208)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:151)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:81)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:675)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:257)
at javax.naming.InitialContext.init(InitialContext.java:233)
at javax.naming.InitialContext.
at javax.naming.directory.InitialDirContext.
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getDirContext(LdapRegistryImpl.java:2314)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1806)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1736)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getUsers(LdapRegistryImpl.java:1179)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.checkPassword(LdapRegistryImpl.java:290)
at com.ibm.ws.security.registry.UserRegistryImpl.checkPassword(UserRegistryImpl.java:296)
at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPAServerObject.java:573)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:437)
at com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy.login(WSLoginModuleProxy.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:351)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:376)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:1047)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:887)
at com.ibm.ws.security.auth.distContextManagerImpl.login(distContextManagerImpl.java:878)
at com.ibm.ws.security.auth.distContextManagerImpl.getServerSubjectInternal(distContextManagerImpl.java:2164)
at com.ibm.ws.security.core.distSecurityComponentImpl.initializeServerSubject(distSecurityComponentImpl.java:1928)
at com.ibm.ws.security.core.distSecurityComponentImpl.initialize(distSecurityComponentImpl.java:341)
at com.ibm.ws.security.core.distSecurityComponentImpl.startSecurity(distSecurityComponentImpl.java:298)
at com.ibm.ws.security.core.SecurityComponentImpl.startSecurity(SecurityComponentImpl.java:101)
at com.ibm.ws.security.core.ServerSecurityComponentImpl.start(ServerSecurityComponentImpl.java:279)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:820)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:649)
at com.ibm.ws.runtime.component.ApplicationServerImpl.start(ApplicationServerImpl.java:149)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:820)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:649)
at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:408)
at com.ibm.ws.runtime.WsServerImpl.bootServerContainer(WsServerImpl.java:187)
at com.ibm.ws.runtime.WsServerImpl.start(WsServerImpl.java:133)
at com.ibm.ws.runtime.WsServerImpl.main(WsServerImpl.java:387)
at com.ibm.ws.runtime.WsServer.main(WsServer.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.ibm.ws.bootstrap.WSLauncher.run(WSLauncher.java:219)
at java.lang.Thread.run(Thread.java:570)
Caused by: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.util.f.b(Unknown Source)
at com.ibm.jsse2.util.f.b(Unknown Source)
at com.ibm.jsse2.util.d.a(Unknown Source)
at com.ibm.jsse2.bo.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(Unknown Source)
... 71 more
---- Begin backtrace for Nested Throwables
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found
at com.ibm.jsse2.bx.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)
at com.ibm.jsse2.by.a(Unknown Source)