Wednesday, March 21, 2018

Weblogic certificate issues

"The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object:"

"javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received"

Above error was raised while accessing https URL in application server. To avoid this error, we have following options.

  1. Install certificate in cacert to trust the certificate (JAVA_HOME/jre/lib/security)
  2. Install certificate in a key store and refer it
  3. Install certificate in Linux server
For the option 3, you can download https URL in server. Following commands can be used to download page using curl or wget.

curl - k https://www.google.com
wget https://www.google.com

Since, this is a valid http request server will install certificate in Linux server and validate requests against it.