Thursday, 6 November 2014

IBM BPM - BPMConfig, Response Files and Escape Characters

This follows on from these two posts: -



This time around, I am using the BPMConfig command to create a BPM 8.5.5 Deployment Environment: -

/opt/IBM/WebSphere/AppServer/bin/BPMConfig.sh -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/Advanced-PC-ThreeClusters-DB2.properties

which keeps failing with: -

/opt/IBM/WebSphere/AppServer/bin/BPMConfig.sh -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/Advanced-PC-ThreeClusters-DB2.properties 
Logging to file /opt/IBM/WebSphere/AppServer/logs/config/BPMConfig_20141106-213359.log.
Validating the profile registry.
[]
Configuring the deployment manager.
Creating the deployment manager profile.
The following validation errors were present with the command line arguments: 
signingCertDN: Enter only one value for the signingCertDN parameter.
importSigningCertKS: importSigningCertKS cannot be empty.
importSigningCertKSType: importSigningCertKSType cannot be empty.
importSigningCertKSAlias: importSigningCertKSAlias cannot be empty.
CWMCB0003E: A profile was not created for Dmgr01.
The 'BPMConfig.sh -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/Advanced-PC-ThreeClusters-DB2.properties' command failed. For more information, see the log file /opt/IBM/WebSphere/AppServer/logs/config/BPMConfig_20141106-213359.log.

and: -

...
2014-11-06 21:38.48.231 com.ibm.bpm.config.util.scripting.InvocationHelper.invokeCommand(): Result of executing /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -templatePath BPM/BpmDmgr -profileName Dmgr01 -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01 -cellName PCCell1 -nodeName Dmgr -hostName bpm855.uk.ibm.com -serverType DEPLOYMENT_MANAGER -enableAdminSecurity true -adminAliasName CellAdminAlias -adminUserName wasadmin -adminPassword ******** -personalCertDN cn=bpm855.uk.ibm.com,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US -signingCertDN cn=bpm855.uk.ibm.com,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword ******** -winserviceCheck false: 1
2014-11-06 21:38.48.231 com.ibm.bpm.config.util.scripting.InvocationHelper.invokeShellScript(): RETURN 1
2014-11-06 21:38.48.231 com.ibm.bpm.config.BPMConfig.invokeShellScript(): RETURN Result of execution: 1
2014-11-06 21:38.48.237 com.ibm.bpm.config.BPMConfig.main(): CWMCB0003E: A profile was not created for Dmgr01.
com.ibm.bpm.config.util.ConfigException: CWMCB0003E: A profile was not created for Dmgr01.

...

This is because I'm using the following line: -

bpm.dmgr.profileOptions=-personalCertDN "cn=bpm855.uk.ibm.com\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -signingCertDN "cn=bpm855.uk.ibm.com\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd

bpm.de.node.1.profileOptions=-personalCertDN "cn=bpm855.uk.ibm.com\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -signingCertDN "cn=bpm855.uk.ibm.com\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd

in my response file - Advanced-PC-ThreeClusters-DB2.properties - to override the defaults that BPMConfig uses when it creates a profile, as described here: -


Long story short, this was again down to the use of escape characters, which differs from my prior experience ( as per the previous blog posts ).

After much trial and error, I tested this hypothesis by manually executing the manageProfiles command using the exception listed above: -

/opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -templatePath BPM/BpmDmgr -profileName Dmgr01 -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01 -cellName PCCell1 -nodeName Dmgr -hostName bpm855.uk.ibm.com -serverType DEPLOYMENT_MANAGER -enableAdminSecurity true -adminAliasName CellAdminAlias -adminUserName wasadmin -adminPassword passw0rd -personalCertDN "cn=bpm855.uk.ibm.com,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US" -signingCertDN "cn=bpm855.uk.ibm.com,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd -winserviceCheck false

which now completes with: -

INSTCONFSUCCESS: Success: Profile Dmgr01 now exists. Please consult /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/logs/AboutThisProfile.txt for more information about this profile.

The solution ?

In this case, I did NOT need to use the escape characters ( \ or \\ ) but I did need to use double-quotes ( "" ) to wrap up the certificate Distinguished Names.
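An added example, not from the original post or from IBM: a pre-flight check for a profileOptions value that splits it the way a POSIX shell would and reports any option that does not end up with exactly one value, which is what the unquoted "ou=Root Certificate" does in the logged manageprofiles command. The shell-style splitting is an assumption (the page does not show how BPMConfig parses the value), and the function names and sample strings are constructed for illustration.

```python
import shlex

def parse_profile_options(value):
    """Split a profileOptions value shell-style; group values under each -option."""
    options, current = {}, None
    for token in shlex.split(value, posix=True):
        # Assumption: option names start with "-" and option values do not.
        if token.startswith("-"):
            current = token
            options.setdefault(current, [])
        elif current is not None:
            options[current].append(token)
    return options

def lint_profile_options(value):
    """Return findings for one profileOptions value; an empty list means clean."""
    findings = []
    if "\\" in value:
        findings.append("backslash escape present")
    for option, values in parse_profile_options(value).items():
        if len(values) != 1:
            findings.append(f"{option}: expected 1 value, got {len(values)}")
    return findings

# Constructed samples built from the DNs shown in the post.
PERSONAL = "cn=bpm855.uk.ibm.com,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US"
SIGNING = "cn=bpm855.uk.ibm.com,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US"
TAIL = " -personalCertValidityPeriod 15 -signingCertValidityPeriod 25"

UNQUOTED = f"-personalCertDN {PERSONAL} -signingCertDN {SIGNING}" + TAIL
QUOTED = f'-personalCertDN "{PERSONAL}" -signingCertDN "{SIGNING}"' + TAIL
ESCAPED = QUOTED.replace(",", "\\\\,")  # the \\, form from the failing response file

if __name__ == "__main__":
    for name, value in [("unquoted", UNQUOTED), ("quoted", QUOTED), ("escaped", ESCAPED)]:
        print(name, lint_profile_options(value) or "ok")
```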

Another lesson learned.

"Every day is a school day!"
