prodriveit
asked on
Trouble installing SSL certificate
I have a problem with installing an SSL certificate from Verisign onto Oracle application server 10R2. When I configure the ssl.conf file with the default Oracle wallet location and password, https connectivity to my website works ok. When I create a new wallet through the Oracle Wallet Manager, import the certificate into the wallet and update the ssl.conf file with the new wallet location and password, I lose https connectivity. The error shown in the web browser (incidently, I am browsing from the application server itself) is a simple "Cannot find server or DNS Error"
http connectivity is fine throughout.
I have checked the ssl_engine_log file and when I use the default Oracle wallet, I get no entries. When I use the wallet I have created, I get the following entries:
[26/Mar/2006 05:16:31 02288] [error] SSL call to NZ function nzos_Handshake failed with error 28864 (server <servername>:443, client <client IP>)
[26/Mar/2006 05:16:31 02288] [error] SSL IO error [Hint: the client stop the connection unexpectedly]
Is there a way to determine if this is an error with the wallet I have created or with the certificate from Verisign, or neither?
I have a feeling that installing a certificate should be a straightforward process, but for some reason it isn't in this case!
Thanks in advance,
Matt
http connectivity is fine throughout.
I have checked the ssl_engine_log file and when I use the default Oracle wallet, I get no entries. When I use the wallet I have created, I get the following entries:
[26/Mar/2006 05:16:31 02288] [error] SSL call to NZ function nzos_Handshake failed with error 28864 (server <servername>:443, client <client IP>)
[26/Mar/2006 05:16:31 02288] [error] SSL IO error [Hint: the client stop the connection unexpectedly]
Is there a way to determine if this is an error with the wallet I have created or with the certificate from Verisign, or neither?
I have a feeling that installing a certificate should be a straightforward process, but for some reason it isn't in this case!
Thanks in advance,
Matt
ASKER
Thanks Gerald, I actually got this working as of last week. It turns out that it was a problem with the wallet I was using. Also, there is a need to download and install the root certficate and the intermediate certificate from Verisign. Their support guys talked me through it and it's now up and running.
Thanks,
Matt
Thanks,
Matt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Gerald