Resolving scripted configuration errors
You get error messages in the job log concerning SSL. These errors might be caused when the SSL certificate is not set up correctly for the user who is running the scripted setup.
Symptoms
You get the following error messages in the job log:
WASX7023E: Error creating "SOAP" connection to host "localhost"; exception information: com.ibm.websphere.management.exception.ConnectorNotAvailableException: SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty; targetException=java.lang.IllegalArgumentException: Error opening socket: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyCauses
The SSL certificate might not be set up correctly for the
user who is running the scripted setup.
Environment
You are running Decision Server Rules,
the Decision
Center Enterprise
console, or Decision
Center Business
console on WebSphere® Application
Server or WebSphere Application
Server for z/OS®.
Resolving the problem
- In the WebSphere Application Server Integrated Solutions Console, go to .
- Click <was_node>/DefaultIIOPSSL, where <was_node> is the name of the WebSphere Application Server node in which the error occurs.
- Run the following TSO command:
where <keyring_name> specifies the key ring to which this certificate is being connected. You must specify the ring name in use by WebSphere Application Server. For more information, see RACDCERT CONNECT (Connect a certificate to key ring) in the IBM Knowledge Center.RACDCERT ADDRING(<keyring_name>) LABEL('WebSphereCA') CERTAUTH) - Run the following TSO command:
where <user_id> is the RACF® user ID running the scripted setup.RACDCERT ID(<user_id>) CONNECT (RING(<keyring_name>) LABEL('WebSphereCA') CERTAUTH)
If no errors occur when you run these commands, the SSL certificate is set up correctly to allow the script to run.