This follows on from my earlier blog post: -
and reflects a very annoying hour or so, trying ( and failing ) to create WAS profiles using WAS 8.5.
This is what I kept seeing: -
$ /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -response dmgrBPM85.rsp
The following validation errors were present with the command line arguments:
signingCertDN: Enter only one value for the signingCertDN parameter.
importPersonalCertKSType: importPersonalCertKSType cannot be empty.
importSigningCertKS: importSigningCertKS cannot be empty.
personalCertDN: Enter only one value for the personalCertDN parameter.
importSigningCertKSType: importSigningCertKSType cannot be empty.
importPersonalCertKS: importPersonalCertKS cannot be empty.
importPersonalCertKSAlias: importPersonalCertKSAlias cannot be empty.
importSigningCertKSAlias: importSigningCertKSAlias cannot be empty.
signingCertDN: Enter only one value for the signingCertDN parameter.
importPersonalCertKSType: importPersonalCertKSType cannot be empty.
importSigningCertKS: importSigningCertKS cannot be empty.
personalCertDN: Enter only one value for the personalCertDN parameter.
importSigningCertKSType: importSigningCertKSType cannot be empty.
importPersonalCertKS: importPersonalCertKS cannot be empty.
importPersonalCertKSAlias: importPersonalCertKSAlias cannot be empty.
importSigningCertKSAlias: importSigningCertKSAlias cannot be empty.
using a response file like this: -
-create
-adminUserName=wasadmin
-adminPassword=passw0rd
-enableAdminSecurity=true
-cellName=bpm85Cell
-nodeName=bpm85Node1
-personalCertDN=cn=rhel6.uk.ibm.com,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US
-profilePath=/opt/IBM/WebSphere/AppServer/profiles/Dmgr01
-signingCertDN=cn=rhel6.uk.ibm.com,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US
-hostName=rhel6.uk.ibm.com
-profileName=Dmgr01
-personalCertValidityPeriod=15
-signingCertValidityPeriod=25
-keyStorePassword=passw0rd
-serverType=DEPLOYMENT_MANAGER
-templatePath=/opt/IBM/WebSphere/AppServer/profileTemplates/BPM/BpmDmgr
-adminUserName=wasadmin
-adminPassword=passw0rd
-enableAdminSecurity=true
-cellName=bpm85Cell
-nodeName=bpm85Node1
-personalCertDN=cn=rhel6.uk.ibm.com,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US
-profilePath=/opt/IBM/WebSphere/AppServer/profiles/Dmgr01
-signingCertDN=cn=rhel6.uk.ibm.com,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US
-hostName=rhel6.uk.ibm.com
-profileName=Dmgr01
-personalCertValidityPeriod=15
-signingCertValidityPeriod=25
-keyStorePassword=passw0rd
-serverType=DEPLOYMENT_MANAGER
-templatePath=/opt/IBM/WebSphere/AppServer/profileTemplates/BPM/BpmDmgr
I've highlighted the two most annoying messages, as the others shouldn't have appeared, as I'm not importing signer or personal certificates.
Can you spot what I missed ?
Yes, that's right - I'd NOT read my own blog post, and escaped out the commas.
This is what I wrote last time: -
<snip>
It took me a while to work it out, but the WAS Information Center was of great use: -
manageprofiles command
which says: -
…
When you specify a single value that contains a comma character, such as the distinguished names for the personalCertDN and signingCertDN parameters, use a double-backslash before the comma character. For example, here is how to specify the personalCertDN value with a distinguished name:
signingCertDN=cn=testserver.ibm.com\\,ou=Root Certificate\\, ou=testCell\\,ou=testNode01\\,o=IBM\\,c=US
…
</snip>
manageprofiles command
which says: -
…
When you specify a single value that contains a comma character, such as the distinguished names for the personalCertDN and signingCertDN parameters, use a double-backslash before the comma character. For example, here is how to specify the personalCertDN value with a distinguished name:
signingCertDN=cn=testserver.ibm.com\\,ou=Root Certificate\\, ou=testCell\\,ou=testNode01\\,o=IBM\\,c=US
…
</snip>
So, once I amended my response file: -
create
adminUserName=wasadmin
adminPassword=passw0rd
enableAdminSecurity=true
cellName=bpm85Cell
nodeName=bpm85Node1
personalCertDN=cn=rhel6.uk.ibm.com\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US
profilePath=/opt/IBM/WebSphere/AppServer/profiles/Dmgr01
signingCertDN=cn=rhel6.uk.ibm.com\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US
hostName=rhel6.uk.ibm.com
profileName=Dmgr01
personalCertValidityPeriod=15
signingCertValidityPeriod=25
keyStorePassword=passw0rd
serverType=DEPLOYMENT_MANAGER
templatePath=/opt/IBM/WebSphere/AppServer/profileTemplates/BPM/BpmDmgr
adminUserName=wasadmin
adminPassword=passw0rd
enableAdminSecurity=true
cellName=bpm85Cell
nodeName=bpm85Node1
personalCertDN=cn=rhel6.uk.ibm.com\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US
profilePath=/opt/IBM/WebSphere/AppServer/profiles/Dmgr01
signingCertDN=cn=rhel6.uk.ibm.com\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US
hostName=rhel6.uk.ibm.com
profileName=Dmgr01
personalCertValidityPeriod=15
signingCertValidityPeriod=25
keyStorePassword=passw0rd
serverType=DEPLOYMENT_MANAGER
templatePath=/opt/IBM/WebSphere/AppServer/profileTemplates/BPM/BpmDmgr
it all worked nicely.
Now to do the same thing for the Node profile …..