Today i faced a strange issue where i was working in one of our cloned instance-EBS 12.1.3 and while starting the apps tier, i got the below error.
You are running adopmnctl.sh version 120.6.12010000.5
Checking status of OPMN managed processes...
Unable to connect to opmn.
Opmn may not be up.
adopmnctl.sh: exiting with status 0
adopmnctl.sh: check the logfile
if we get the above errors, we should check the OPMN logs and the logs were showing the error:
(file:$INST_TOP/certs/opmn) [default password]: 28759
15/11/15 15:01:28 [ons-secure] Failed to open wallet
Thus i come down to a conclusion that there is something wrong with my wallet files. I navigated to the directory and found that the files are there at the appropriate location $INST_TOP/certs/opmn and $INST_TOP/certs/Apache
Note:If the files are missing in the above directory then we need to copy the same from "APPS Mount/tech_st/10.1.3/opmn/conf/ssl.wlt/default to $INST_TOP/certs/opmn and $INST_TOP/certs/Apache.
Now in my case my files were in the directory, then why the error was coming. I remember that to renew our SSL certifcates which was SHA-2, i had to patch 10.1.3 Oracle HOME with minimum CPU OCT 2015 patch(21845960). As in EBS 12.1.3, we don't refresh $INST_TOP, so the existing wallets files were expecting that the binaries of 10.1.3 OH should be compatible with SHA-2 algorithm. During refresh from our PROD instance, the 10.1.3 OH which got drilled down to cloned instance, in that the binaries were only compatible with SHA-1 algorithm. I suspect that because of this incompatibility my wallet files were not able to be detected.
So to resolve the issue, i had to patch the 10.1.3 OH again(minimum CPU OCT 2015 patch(21845960)) and the issue got resolved. I was able to start all the services with ease and login page certs started using new certs SHA-2. Hope it helps.
You are running adopmnctl.sh version 120.6.12010000.5
Checking status of OPMN managed processes...
Unable to connect to opmn.
Opmn may not be up.
adopmnctl.sh: exiting with status 0
adopmnctl.sh: check the logfile
if we get the above errors, we should check the OPMN logs and the logs were showing the error:
(file:$INST_TOP/certs/opmn) [default password]: 28759
15/11/15 15:01:28 [ons-secure] Failed to open wallet
Thus i come down to a conclusion that there is something wrong with my wallet files. I navigated to the directory and found that the files are there at the appropriate location $INST_TOP/certs/opmn and $INST_TOP/certs/Apache
Note:If the files are missing in the above directory then we need to copy the same from "APPS Mount/tech_st/10.1.3/opmn/conf/ssl.wlt/default to $INST_TOP/certs/opmn and $INST_TOP/certs/Apache.
Now in my case my files were in the directory, then why the error was coming. I remember that to renew our SSL certifcates which was SHA-2, i had to patch 10.1.3 Oracle HOME with minimum CPU OCT 2015 patch(21845960). As in EBS 12.1.3, we don't refresh $INST_TOP, so the existing wallets files were expecting that the binaries of 10.1.3 OH should be compatible with SHA-2 algorithm. During refresh from our PROD instance, the 10.1.3 OH which got drilled down to cloned instance, in that the binaries were only compatible with SHA-1 algorithm. I suspect that because of this incompatibility my wallet files were not able to be detected.
So to resolve the issue, i had to patch the 10.1.3 OH again(minimum CPU OCT 2015 patch(21845960)) and the issue got resolved. I was able to start all the services with ease and login page certs started using new certs SHA-2. Hope it helps.
No comments:
Post a Comment