Posted on

Starting a Managed Server from the NodeManager

oracle weblogic book oracle weblogic books

In order to start a Weblogic Server using the Node Manager perform the following tasks:

1.       Make sure that the server is associated with a Machine. This can be checked through the Configuration | General option of the Server window.

2.       Make sure that also the Node Manager is started on the Machine that hosts the server.

3.       Move to the Server | Control window. In the lower table, you can check the servers you want to start and simply click on the Start button.

oracle weblogic book oracle weblogic books

Troubleshooting Node Manager

A common source of issues is related to the certificate hostname verification. As a matter of fact, when trying to connect to the NodeManager a check verification is performed based on the certificate which is configured as IdentityKeystore.

Certificates are located into the MW_HOME\Weblogic\wlserver\server\lib\ folder and the default (demo) certificate is named DemoIdentity.jks.

It can happen that the certificate has been bound to an hostname which has changed (think about a change in your network configuration). This generally produces a message like this on the console:

Certificate chain received from localhost – 127.0.0.1 failed host name verification check. Certificate contained rhp360-c4-13 but check expected localhost

Then, the first check to be done is that the Machine Listen address corresponds to the hostname of the certificate. If you still cannot solve the issue, don’t panic! you can still re-generate your certificate in a minute by executing the CertGen utility and the corresponding ImportPrivateKey as follows:

C:\wls1211_dev\wlserver\server\bin>setWLSEnv.cmd  java utils.CertGen -cn localhost -keyfilepass DemoIdentityPassPhrase -certfile testcert -keyfile testkey

Generating a certificate with common name rnhp360-c4-13 and key strength 1024 issued by CA with certificate from C:\WLS121~1\wlserver\server\lib\CertGenCA.der  file and key from C:\WLS121~1\wlserver\server\lib\CertGenCAKey.der file

java utils.ImportPrivateKey DemoIdentity.jks DemoIdentityKeyStorePassPhrase demoidentity DemoIdentityPassPhrase testcert.pem testkey.pem

<30-dic-2012 19.21.29 CET> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>

<30-dic-2012 19.21.30 CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>

<30-dic-2012 19.21.30 CET> <Info> <Security> <BEA-090908> <Using default WebLogic SSL Hostname Verifier implementation.>

Imported private key testkey.pem and certificate testcert.pem into a new keystore DemoIdentity.jks of type jks under alias demoidentity

Now copy this certificate into MW_HOME\wlserver\server\lib (before backing up a copy of the default DemoIdentity.jks certificate).

C:\wls1211_dev\wlserver\server\bin>copy DemoIdentity.jks C:\wls1211_dev\wlserver\server\lib  Overwrite C:\wls1211_dev\wlserver\server\lib\DemoIdentity.jks? (Yes/No/All): Yes          1 file(s) copied.