fix weblogic error: Received fatal alert certificate_unknown
the problem: starting up weblogic and you get — Received fatal alert certificate_unknown
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
you might also be receiving
javax.net.ssl.SSLHandshakeException: General SSLEngine problem ... weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:254) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256) at weblogic.work.ExecuteThread.run(ExecuteThread.java:221) Caused By: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5withRSA
the cause: release notes for Java SE Update 40 show that the Default Key Length has been increased. Starting from 7u40, the use of x.509 certificates with RSA keys less than 1024 bits in length is restricted.
fix it so you can startup weblogic without issues – perform ONE of the following:
Create a new Demo Key with the larger key size (strength of 2048)
Obtain your own certificate, by submiting a new request to your CA, increasing its certificate strength (i.e. >1024).
Remove the key length restriction (not recommended but the fastest solution)
I did this just so I could startup without errors for the time being until #3 could be done
edit $JAVA_HOME/jre/lib/security/java.security
it looks like thisjdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024change 1024 to 512
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 512
Upgrade to WLS 12.1.2
