Many of us would have faced the below error and weblogic server won't start shortly after either extending a domain or creating a domain or done something related to domain.
weblogic.security.internal.encryption.EncryptionServiceException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
I use weblogic 10.3.4. This error occurs when the SerializedSystemIni.dat file gets corrupted. It simply means that the server is unable to decrypt the encrypted passwords because the file that has the hash value to decrypt it - SerializedSystemIni.dat - has got corrupted.
There is nothing to worry though, this error could be resolved easily.
All the encrypted passwords in the file config.xml should be replaced with its corresponding clear text (ordinary text) values and then start the server.
For example if weblogic@123 was your password for the server, then follow the below steps to solve the error.
1) In SecurityConfiguration tag, do the following.
i) Replace
<node-manager-password-encrypted>{3DES}Va1McYXiUPirK77U+SQfMg==</node-manager-password-encrypted>
with
<node-manager-password-encrypted>weblogic@123</node-manager-password-encrypted>
ii) Replace
<credential-encrypted>{3DES}diqufr0TEjlJuLvdnhvtCxEUbxr0yIm8dadNaJRqiefJgGQqcWagiY4tlLX3I3pWa/jpBKeMzyEJgufp/725y1/PXSt0mWOh</credential-encrypted>
with
<credential-encrypted>weblogic@123</credential-encrypted>
2) In the EmbeddedLDAP tag do the following.
Replace
<embedded-ldap>
<name>Your_Domain</name>
<credential-encrypted>{3DES}OVxKttua/KHdFNAxuTypkcPZFAcC8kSHQ4X/ZrhTRLUFLAGocQP0yBT7xX7qijqTBMcMBuXkPq0PC19KDuGy2/fAUXMUGpUn</credential-encrypted>
</embedded-ldap>
with
<embedded-ldap>
<name>Your_Domain</name>
<credential-encrypted>weblogic@123</credential-encrypted>
</embedded-ldap>
Now start your server. It should start without any error.
Note: A word of caution - don't change the order of any of the tags in the config.xml file because if you change it, then you get SchemaValidator error. Just replace the encrypted passwords with its corresponding clear text values.
No comments:
Post a Comment