Improperly mapped sslConfig alias causes server startup failure
 Technote (troubleshooting)
 
Problem(Abstract)
An improperly mapped sslConfig alias can cause WebSphere® Application Server (including dmgr, nodeagent and application server) to fail with the following error:
:
[11/5/04 17:22:12:528 EST] d4fefb6 SecurityCompo E SECJ0007E: Error during security initialization. The exception is java.lang.RuntimeException
at com.ibm.ws.management.component.JMXConnectors.stateChanged(JMXConnectors.java:1224)
at com.ibm.ws.security.core.SecurityComponentImpl.fireStartedEvent(SecurityComponentImpl.java:865)
at com.ibm.ws.security.core.SecurityComponentImpl.start(SecurityComponentImpl.java:587)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:543)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:418)
at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:183)
at com.ibm.ws.runtime.WsServer.start(WsServer.java:128)
at com.ibm.ws.runtime.WsServer.main(WsServer.java:225)
at java.lang.reflect.Method.invoke(Native Method)
at com.ibm.ws.bootstrap.WSLauncher.main(WSLauncher.java:94)
.
[11/5/04 17:22:12:608 EST] d4fefb6 SecurityCompo A SECJ0244I: Security service failed to start successfully
[11/5/04 17:22:18:016 EST] d4fefb6 WsServer E WSVR0003E: Server nodeagent failed to start
java.lang.RuntimeException
at com.ibm.ws.security.core.SecurityComponentImpl.start(SecurityComponentImpl.java:600)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:543)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:418)
at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:183)
at com.ibm.ws.runtime.WsServer.start(WsServer.java:128)
at com.ibm.ws.runtime.WsServer.main(WsServer.java:225)
at java.lang.reflect.Method.invoke(Native Method)
at com.ibm.ws.bootstrap.WSLauncher.main(WSLauncher.java:94)

[11/5/04 17:22:18:066 EST] d4fefb6 WsServer E WSVR0009E: Error occurred during startup
 
Cause
The sslConfig alias used by the server matches an existing repertoire in the security. These can be seen in the administrative console by selecting the Security topology and then SSL. You can also look in the security.xml file to view the repertoire and the aliases:
<repertoire xmi:id="SSLConfig_#" alias="ibm/DefaultSSLSettings">
...
</repertoire>
 
Resolving the problem
Ensure that all application servers, nodeagent, and dmgr sslConfig aliases properly map to a valid repertoire in the security.xml.
  1. Check the HTTP transports if they have sslconfig setup:

    Servers > Web Container > HTTP Transport > choose the port
    server.xml: <transports xmi:type="applicationserver.webcontainer:HTTPTransport" xmi:id="HTTPTransport_#" sslEnabled="true" sslConfig="ibm/DefaultSSLSettings">

  2. Check the SOAP port setting:

    Servers > Administration Services > JMX Connectors > SOAPConnector > Custom Properties
    server.xml: <properties xmi:id="Property_1081209794574" name="sslConfig" value="ibm/DefaultSSLSettings"/>
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > System Management/Repository
Operating system(s): Windows
Software version: 5.1.1.2
Software edition:
Reference #: 1190602
IBM Group: Software Group
Modified date: Nov 5, 2004