cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error in WAIT-AS-JAVA-START phase : java.security.InvalidKeyException: PublicKey algorithm not implemented: ECPublicKey

former_member253718
Explorer

on ‎08-30-2014 5:47 AM

0 Kudos

Dear Experts ,

We are facing an issue in the WAIT-AS-JAVA-START step Post software deployment in SUM tool , below is the error we are facing

The following problem has occurred during step execution: com.sap.sdt.util.diag.DiagException: Could not check status o

f SAP instance with number 0.

Error getting the status of the instance with number 0 on host <hostname>.

Error while gathering information for all cluster instances from the instance with number 0 on host <hostname> using the SAPControl web service API. For mo

re information, see SAP Note 1401712.

com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: java.net.SocketException: java.security.NoSuchAlgorithmException: Error co

nstructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.su

n.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.Def

aultSSLContextImpl)

java.security.cert.CertificateException: java.security.InvalidKeyException: PublicKey algorithm not implemented: ECPublicKey

Sum tool tries to setup a connection using the following link  https://<hostname>:50014 , when i click on the link see a certificate error . I anyways followed the blog Sapstartsrv SSL access - SAP Netweaver Application Server Java - SCN Wiki and imported the certificate in SUM tool , but this stil does not work , Kindly let me know if it is possible to change the SUM settings post deployment phase so that it does not use https

i tried changing the parameter /sapstartsrv/httpsconnection = true to false but this does not seems to take affect , does this requires to restart the SUM tool in order for this parameter to take effect

Best Regards ,

Shubham Jain 

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎09-01-2014 8:09 PM
0 Kudos

Dear Shubham,

Upgrade your kernel to latest release level and try.

Regards,

Vikas Sharma.

Show replies
Show replies
former_member253718
Explorer
‎09-04-2014 1:07 PM
0 Kudos

Dear All,

With the help of SAP we were able to find a work around for this issue and switch to http instead of using https , like i had mentioned before changing the parameter /sapstartsrv/httpsconnection = true to false was not taking affect even after restarting SUM and restarting java ( including killing of old sapstartsrv and clean ipc)

SAP requested for the file SharedInputCatalog.xml which is present in ../../SUM/sdt/data and changed a parameter "useHttpsForSapControlConnection" to false

Best Regards,
Shubham Jain

former_member211029
Explorer
‎10-16-2014 11:52 AM
0 Kudos

Hi Shubham Jain,

today i got this error, and after some actions, like add the certificate from the scs also to the sum... the change of
SharedInputCatalog.xml

worked.

Thanks for sharing, do you got an final statement from SAP what should be done to prevent that ?

One point might be to disable https before , but that is no good way as the pw is transfered over the net..

Best regards

Thorsten Stracke

Sriram2009
Active Contributor
‎08-30-2014 6:38 AM
0 Kudos

Hi Jain

1. Is this Sum tool latest one?

2.. Have you refer the SAP Note in the Error message 1401712?


3. Could you check this SAP Note
1600846 - JSPM/SUM calls sapcontrol without user credentials

Regards

Show replies
Show replies
former_member253718
Explorer
‎08-30-2014 8:59 AM
0 Kudos

Dear Sriram,

Thanks for your inputs , we are using SUM - SP11 patch 2 , i have referred to the note 1401712 but the error we are getting does not match with the scenarios provided in the note , I have checked the note 1600846 , it does not seems to be relevant since the error message again is quite different

Kindly let me know if you can provide further help looking at the error message we are getting which i have mentioned in my first comment

regards ,

Shubham Jain

Reagan
Advisor
Advisor
‎08-30-2014 10:10 AM
0 Kudos

Have you checked the SUM guide?

There is a section called "Verifying Certificates" and you need to follow that.

Regards

RB

former_member253718
Explorer
‎08-30-2014 11:17 AM
0 Kudos

Dear Reagan,

I had already done that before and i have did it again to be double sure , but still i error persists ,

do you think this could be something because of policy files

Regards,
Shubham Jain

divyanshu_srivastava3
Active Contributor
‎08-30-2014 11:37 AM
0 Kudos

Didn't you used or updated to "Unlimited strength jurisdiction" policy anytime after JVM switch - the one which comes with SAPJVM has limited strength.

You can try to update them at all possible locations of your java instance.

That should be in ../sapjvm_X/jre/lib/security and also in JSPM folder.

Also, for above, after stopping java and cleaning shared memory, did you remove old sapstartsrv and was sure new was started at next start ?

former_member253718
Explorer
‎08-30-2014 12:24 PM
0 Kudos

Dear Divyanshu,

I made sure that all old sapstartsrv process were killed and new ones were started , i had also cleaned shared memory .

I updated the Policy files now , do i need to restart the system after this change , i tried to continue with SUM but getting the same error

Best Regards,

Shubham Jain

divyanshu_srivastava3
Active Contributor
‎08-30-2014 12:28 PM
0 Kudos

Hi Shubham,

Yes, please restart everything once.

Hope that should work.

Good luck

Divyanshu

Reagan
Advisor
Advisor
‎08-30-2014 2:43 PM
0 Kudos

If you have restarted the Java system manually then check the trace files in the work directory to know why the J2EE fails to start and if there are errors related to Jurisdiction policy files then update the policy files and restart the system.

Regards

RB

divyanshu_srivastava3
Active Contributor
‎08-30-2014 5:52 AM
0 Kudos

Yes, you can restart SUM or repeat.

Refer 

Show replies
Show replies
former_member253718
Explorer
‎08-30-2014 8:47 AM
0 Kudos

Dear Divyanshu,

I changed the config as below , restarted SUM but it stil tries to connect to https web service and gives the same error

### Sapcontrol web service configuration

/sapstartsrv/httpsconnection = false

I read the thread you have provided , the error mentioned in that threads comes in uptime phase before extraction , we got that error too and followed the steps in the SUM guide which resolved it at that time

see below the log of that phase

Aug 26, 2014 1:19:39 PM [Info  ]: Creating a proxy to the sapcontrol web service at https://pdxxdi00:50014

Aug 26, 2014 1:19:39 PM [Info  ]: Setting the credentials for user dxxadm and a password.

Aug 26, 2014 1:19:39 PM [Info  ]: Using user name dxxadm to authenticate against the SAPControl web service API.

Aug 26, 2014 1:19:39 PM [Info  ]: Setting the service timeout to 300 s.

Aug 26, 2014 1:19:39 PM [Info  ]: getParameterValue INSTANCE_NAME from https://pdxxdi00:50014

Aug 26, 2014 1:19:39 PM [Info  ]: getParameterValue response: J00

Aug 26, 2014 1:19:39 PM [Info  ]: All retrieved properties from sapcontrol at https://pdxxdi00:50014:

Aug 26, 2014 1:19:39 PM [Info  ]: Property: J2EEGetVMGCHistory2

Aug 26, 2014 1:19:39 PM [Info  ]: Property: GetTraceFile

Aug 26, 2014 1:19:39 PM [Info  ]: Property: GetStartProfile

Aug 26, 2014 1:19:39 PM [Info  ]: Property: ABAPReadRawSyslog

Aug 26, 2014 1:19:39 PM [Info  ]: Property: InstanceStart

Aug 26, 2014 1:19:39 PM [Info  ]: Property: InstanceStop

Kindly let me know if you have any other suggestion for this issue

Regards,

Shubham Jain

divyanshu_srivastava3
Active Contributor
‎08-30-2014 8:59 AM
0 Kudos

Shutdown java instance and restart it.

Make sure SAP start service is running on each of the instances.

Share the stage logs and last 2 logs from ../Sum logs.

Also, your kernel version.

former_member253718
Explorer
‎08-30-2014 9:36 AM
0 Kudos

Dear Divyanshu,

I have already restarted java but that did not helped , please find below the last two logs for your reference , I hope it is readable

=========================================================================

<!--LOGHEADER[START]/-->

<!--HELP[Manual modification of the header may cause parsing problem!]/-->

<!--LOGGINGVERSION[2.0.7.1006]/-->

<!--NAME[/usr/sap/xx/SUM/sdt/log/SUM/WAIT-AS-JAVA-START_11.LOG]/-->

<!--PATTERN[WAIT-AS-JAVA-START_11.LOG]/-->

<!--FORMATTER[com.sap.tc.logging.TraceFormatter(%d [%6s]: %m)]/-->

<!--ENCODING[UTF8]/-->

<!--LOGHEADER[END]/-->

Aug 30, 2014 9:24:50 AM [Info  ]: Creating a proxy to the sapcontrol web service at https://pxxdi00:50014

Aug 30, 2014 9:24:51 AM [Info  ]: Setting the credentials for user xxadm and a password.

Aug 30, 2014 9:24:51 AM [Info  ]: Using user name xxadm to authenticate against the SAPControl web service API.

Aug 30, 2014 9:24:51 AM [Info  ]: Setting the service timeout to 300 s.

Aug 30, 2014 9:24:51 AM [Error ]: HTTP transport error: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

Aug 30, 2014 9:24:51 AM [Error ]: Error getting the status of the instance with number 0 on host com.sap.sdt.tools.sapcontrolws.SapControlWsException: Error while gathering information for all cluster instances from the instance with number 0 on host pxxdi00 using the SAPControl web service API. For more information, see SAP Note 1401712.

com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.security.cert.CertificateException: java.security.InvalidKeyException: PublicKey algorithm not implemented: ECPublicKey

.

Aug 30, 2014 9:24:51 AM [Error ]: The following problem has occurred during step execution: com.sap.sdt.util.diag.DiagException: Could not check status of SAP instance with number 0.

Error getting the status of the instance with number 0 on host pxxdi00.

Error while gathering information for all cluster instances from the instance with number 0 on host pxxdi00 using the SAPControl web service API. For more information, see SAP Note 1401712.

com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

java.security.cert.CertificateException: java.security.InvalidKeyException: PublicKey algorithm not implemented: ECPublicKey

=======================================================================

former_member253718
Explorer
‎08-30-2014 9:40 AM
0 Kudos

the previous one WAIT-AS-JAVA-START_11.LOG was the last log , here is the second last log for the issue

=================================================================

<!--LOGHEADER[START]/-->

<!--HELP[Manual modification of the header may cause parsing problem!]/-->

<!--LOGGINGVERSION[2.0.7.1006]/-->

<!--NAME[/usr/sap/dxx/SUM/sdt/log/SUM/POST-UNDEPLOY-COMPONENTS_01.LOG]/-->

<!--PATTERN[POST-UNDEPLOY-COMPONENTS_01.LOG]/-->

<!--FORMATTER[com.sap.tc.logging.TraceFormatter(%d [%6s]: %m)]/-->

<!--ENCODING[UTF8]/-->

<!--LOGHEADER[END]/-->

Aug 29, 2014 3:19:50 PM [Info  ]: Connecting to Deploy Controller on host pdxxdi00 port 50004 with user Administrator.

Aug 29, 2014 3:19:51 PM [Info  ]: Connection to AS Java on host pdxxdi00, port 50004 is valid.

Aug 29, 2014 3:19:51 PM [Info  ]: You can find additional information in Deploy Controller log file /usr/sap/dxx/SUM/sdt/log/SUM/deploy_api.0.log.

Aug 29, 2014 3:19:53 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.supportability.tools

Aug 29, 2014 3:19:54 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.ivs.global.admin.consumersoverview

Aug 29, 2014 3:19:55 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.ivs.global.admin.producerscockpit

Aug 29, 2014 3:19:56 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.fpn.ui

Aug 29, 2014 3:19:57 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.ivs.alias_editor

Aug 29, 2014 3:19:57 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.pcd.admintools.administration

Aug 29, 2014 3:19:58 PM [Info  ]: About to undeploy component sap.com/com.sap.portal.pcd.admintools.personalizationadmin

Aug 29, 2014 3:20:02 PM [Info  ]: Undeployment finished successfully; See log /usr/sap/dxx/SUM/sdt/log/SUM/deploy_api.0.log for details.

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.ivs.alias_editor was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.ivs.global.admin.consumersoverview was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.supportability.tools was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.pcd.admintools.personalizationadmin was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.pcd.admintools.administration was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.ivs.global.admin.producerscockpit was undeployed successfully

Aug 29, 2014 3:20:03 PM [Info  ]: Component sap.com/com.sap.portal.fpn.ui was undeployed successfully

====================================================================

divyanshu_srivastava3
Active Contributor
‎08-30-2014 10:57 AM
0 Kudos

Hi Shubham,

What is your the version kernel and java in your system ?

Regards

former_member253718
Explorer
‎08-30-2014 11:01 AM
0 Kudos

Hi Divyanshu,

Kernel 721_EXT patch 201

Java - 1.5.0

Regards,

Shubham jain

divyanshu_srivastava3
Active Contributor
‎08-30-2014 11:04 AM
0 Kudos

is it SAP JVM ?

former_member253718
Explorer
‎08-30-2014 11:06 AM
0 Kudos

yes

Ask a Question