Tag Archives: identitydb

Javakey

This document shows how to use JavaKey.

  1. To display help for javakey, enter the command without any parameters:
 [applmgr@ebusinesstest u0]$ javakey
javakey
        l       list of the identities in the database.
        c       create an new identity.
        r       remove an identity from the database.
        i       import a public key, a key pair, etc.
        g       generate a key pair, a certificate, etc.
        d       display a certficate.
for more information, see documentation.
[applmgr@ebusinesstest u0]$
  1. To list all identities in the database, enter javakey l:
[applmgr@ebusinesstest u0]$ javakey l
Scope: sun.security.provider.IdentityDatabase, source file: /home/applmgr/identitydb.obj
JInitiator[identitydb.obj][trusted]
CWM[identitydb.obj][trusted]
ExpressWebAgent[identitydb.obj][trusted]
OEM_2.0[identitydb.obj][trusted]
obp[identitydb.obj][trusted]
appltop[identitydb.obj][trusted]
Pharm[identitydb.obj][trusted]
Developer[identitydb.obj][trusted]
Discoverer[identitydb.obj][trusted]
OracleApplications[identitydb.obj][trusted]
APPLTOP[identitydb.obj][trusted]
Dev2k[identitydb.obj][trusted]
[applmgr@ebusinesstest u0]$
  1. To create a new identity in the database, enter javakey c <newidentity>:
[applmgr@ebusinesstest u0]$ javakey c TestVS1
Created identity TestVS1[identitydb.obj][not trusted]
[applmgr@ebusinesstest u0]$ javakey c OracleApplications
An error occured trying to add OracleApplications to sun.security.provider.IdentityDatabase, source file: /home/applmgr/identitydb.obj[name conflict]
[applmgr@ebusinesstest u0]$

adogjf() Unable to generate jar files under JAVA_TOP

Problem:

While applying patch 6502082, the patch completes in error with the following message:

ERROR: Javakey subcommand exited with status 1
Javakey standard output:
Adding entry: META-INF/MANIFEST.MF
Copyright (c) 2002 Oracle Corporation
Redwood Shores, California, USA
AD Java Key Generation
Version 11.5.0
NOTE: You may not use this utility for custom development
unless you have written permission from Oracle Corporation.
Javakey error output:
Reading product information from file...
Reading language and territory information from file...
Reading language information from applUS.txt ...
Reading language information from applUS.txt ...
Successfully created javaVersionFile.
TEST_hrms not found in database.
java key error:
adjava -ms128m -mx256m sun.security.provider.Main -gs /u0/oracle/prodcomn/java/oracle/apps/pon/jar/ponam.jar.tmp /u0/oracle/prodcomn/java/oracle/apps/pon/jar/ponam.jar.uns
The above Java program failed with error code 1.
Assigned: file adpcpset.pls on worker  1 for product ad  username APPLSYS.

Solution:

  1. Source the apps tier environment (APPSORA.env) and run adjkey –l
[applmgr@ebusiness 6502082]$ adjkey -l
Copyright (c) 2002 Oracle Corporation
Redwood Shores, California, USA
AD Java Key Generation
Version 11.5.0
NOTE: You may not use this utility for custom development
unless you have written permission from Oracle Corporation.
Reading product information from file...
Reading language and territory information from file...
Reading language information from applUS.txt ...
Successfully created javaVersionFile.
Scope: sun.security.provider.IdentityDatabase, source file: /home/applmgr/identitydb.obj
[Signer]Customer[identitydb.obj][trusted]
[Signer]DEMO_ebusiness[identitydb.obj][trusted]
java key is complete.
  1. Rename the identitydb.obj file in /home/applmgr
  2. Run: adjkey –initialize to create a new certificate
[applmgr@ebusiness 6502082]$ mv /home/applmgr/identitydb.obj /home/applmgr/identitydb.obj.20080909a
[applmgr@ebusiness 6502082]$ adjkey -initialize
Copyright (c) 2002 Oracle Corporation
Redwood Shores, California, USA
AD Java Key Generation
Version 11.5.0
NOTE: You may not use this utility for custom development
unless you have written permission from Oracle Corporation.
Reading product information from file...
Reading language and territory information from file...
Reading language information from applUS.txt ...
Successfully created javaVersionFile.
AD Java Key will now create a signing entity for you.
Please enter the name of the entity you wish to create [Customer] :
After creating the signing entity, a certificate will
be created for signing jar files locally.  You can specify an
organization to be used in identifying the certificate.
Please specify an organization to be assigned to the certificate [DEFAULT_ORG] :
Created identity [Signer]Customer[identitydb.obj][trusted]
Generated DSA keys for Customer (strength: 512).
Generated certificate from directive file /u0/oracle/prodappl/admin/out/adcert.txt.
Your digital signature has been created successfully and
imported into the javakey identity database. This signature
will now be used to sign Applications JAR files whenever
they are patched.
IMPORTANT: If you have multiple web servers, you must copy
files to each of the remaining web servers on your site.
See the documentation reference for more information.
java key is complete.

References:

Note 141692.1 – How to Install a Digital Certificate in Oracle Applications Release 11i

Note 365735.1 – How to use, create and/or update Digital Certificates for 11i Applications

Resolving Yellow Bar Issue

Problem: When the Oracle Application BRAVO instance is loaded, the ‘yellow bar’ appears when the forms are loaded.

Solutions:

1. Refer to Metalink Doc ID: 162488.1, “Section 6: Troubleshooting and those Yellow Warning Bars”

Navigate to Start > All Programs > JInitiator Control Panel 1.1.8.16

Check “Show Java Console”

Exit and reload BRAVO instance.

Java Console shows no errors.

Try:

(a) Uninstall Jinitiator and clear browser cache

(b) Log back into Applications to get the new plugin, (oajinit.exe) including the new identitydb.obj

(c) Install the Jinitiator on the Client PC and then Log into the Oracle Applications to download the new signed JAR files

IE Tools > Internet Options > Security

Trusted > Custom Level

Download unsigned ActiveX controls: Prompt

Automatic Prompting for File Downloads: Enable

Had to copy jinit11816.exe manually off the server and install on client

Try:

1. Source the environment and recreate certificate:

adjkey -initialize

2. Repackage JInitiator:

adjbuild.sh /u0/bravo/bravocomn/util/jinitiator /u0/bravo/bravocomn/util/jinitiator/jinit11816.exe

3. Run adadmin and generate product jars (FORCE REGENERATION)

4. Then:

(a) Uninstall JInitiator, clear browser cache, and jcache

(b) Log back into Applications to get the new plugin, (oajinit.exe) including the new identitydb.obj

(c) Install the Jinitiator on the Client PC and then Log into the Oracle Applications to download the new signed JAR files

Rename C:Program FilesOracleidentitydb.obj

Then retry from step 4 above

Try:

1. Removed identitydb.obj from /home/applmgr

2.Source the environment and recreate certificate:

adjkey -initialize

3. Repackage JInitiator:

adjbuild.sh /u0/bravo/bravocomn/util/jinitiator /u0/bravo/bravocomn/util/jinitiator/jinit11816.exe

4. Run adadmin and generate product jars (FORCE REGENERATION)

5. Then:

(a) Cleared browser cache

(b) Removed files from C:Documents and SettingsjeffersonbOracle Jar Cache

Try:

1. Copied identitydb.obj.20070703 to identitydb.obj in /home/applmgr

2. Repackage JInitiator:

adjbuild.sh /u0/bravo/bravocomn/util/jinitiator /u0/bravo/bravocomn/util/jinitiator/jinit11816.exe

3. Run adadmin and generate product jars (FORCE REGENERATION)

4. Then:

(a) Cleared browser cache

(b) Removed files from C:Documents and SettingsjeffersonbOracle Jar Cache

(c) Launched Oracle Applications and loaded form

Solution 1:

Copied $OA_HTML/oajinit.exe off the server and onto the client machine.

Unzip oajinit.exe in a directory and run adjbuild/jinit11816.exe.

The following solution worked:

Refer to:

Subject:  How to use,create and /or update Digital Certificates for 11i Applications

Doc ID:   Note:365735.1

How to share Digital Certificate across multiple instances

———————————————————-

1. Copy Associated Files

+ Copy from alpha to bravo the following files respectively:

a. ADCERT.txt (certificate directive file)

$APPL_TOP/admin/out/adcert.txt

b. ADSIGN.txt (used to pass arguments to JRI for signing JAR files.)

$APPL_TOP/admin/adsign.txt

c. APPLTOP.cer (Certificate file that gets imported into the identitydb.obj)

$APPL_TOP/admin/appltop.cer

d. OAJINIT.exe (Repackaged Jinitiator executable that includes identitydb.obj)

$OA_HTML/oajinit.exe

Note: It will not be necessary to repackage your JInitiator file oajinit.exe if you copy it over.

e. IDENTITYDB.obj (Identity Database File used to sign JAR files on the server)

$HOME/identitydb.obj

DO NOT repackage Jinitiator.

2. Regenerate JAR files on bravo

+ Run ADADMIN to Regenerate (sign) the JAR files on each middle tier

a. Launch ADADMIN (Ensure you are APPLMGR with permissions to write to adadmin.log)

b. Choose option number 1 to Generate Files, then 5 to regenerate JAR Files making sure to enter ‘yes for force regeneration, which will resign every JAR file using the new digital certificate that you just copied over from the alpha instance.

In Summary:

Started to get yellow bar:
1. Deleted C:Program FilesOracleidentitydb.obj
2. Deleted Profile Oracle Cache
3. Uninstalled all JInitiators, verified by checking C:Program FilesOracle
4. Manually reinstalled JInitiator (oajinit.exe) from november instance – yellow bar still appearing on logon
5. Tried regenerating JAR files using adadmin – completed with error
6. Regenerated certificate using adjkey -initialize, then reran adadmin to regenerate JAR files – yellow bar still appearing on logon
7. Cleared browser cache and jcache – C:Program FilesOracleJInitiator 1.1.8.16jcache – yellow bar still appearing on logon
8. Manually copied identitydb.obj from /home/applmgr to  C:Program FilesOracle – WORKING