启动WEBLOGIC报：JPS-01055 Could Not Create Credential Store Instance error

郑全

PSS - Unable start Admin Server getting JPS-01055 Could Not Create Credential Store Instance error (Doc ID 2290255.1)       

In this Document
Symptoms
Cause
Solution
References

APPLIES TO:
Oracle Platform Security for Java - Version 12.2.1.2.0 and later
Information in this document applies to any platform.
SYMPTOMS
On : 12.2.1.2.0 version, Java Platform Security

When attempting to start WLS, the following error occurs.

####<Jun 26, 2017, 11:29:51,142 AM EDT> <Critical> <WebLogicServer> <DOMAIN_NAME> <AdminServer> <main> <<WLS Kernel>> <> <ENCRYPTED_VALUE> <ENCRYPTED_VALUE> <[severity-value: 4] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-000362> <Server failed. Reason:

There are 1 nested errors:

oracle.security.jps.JpsException: JPS-01055: Could not create credential store instance. Reason oracle.security.jps.service.credstore.CredStoreException: JPS-01013: The credential store DN cn=CredentialStore,cn=opssSecurityStore,cn=JPSContext,cn=opssRoot is missing in the store; the target DN must be pre-configured.
at oracle.security.jps.internal.config.OpssCommonStartup.start(OpssCommonStartup.java:215)
at oracle.security.jps.wls.JpsWlsStartup.start(JpsWlsStartup.java:104)
at oracle.security.jps.JpsStartup.start(JpsStartup.java:210)
at oracle.security.jps.wls.JpsDefaultService.start(JpsDefaultService.java:74)
at weblogic.server.AbstractServerService.postConstruct(AbstractServerService.java:76)
at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.glassfish.hk2.utilities.reflection.ReflectionHelper.invoke(ReflectionHelper.java:1262)
at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:332)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:374)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:471)
at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:232)
at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:85)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2020)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:114)
.............
Caused by: oracle.security.jps.service.credstore.CredStoreException: JPS-01055: Could not create credential store instance. Reason oracle.security.jps.service.credstore.CredStoreException: JPS-01013: The credential store DN cn=CredentialStore,cn=opssSecurityStore,cn=JPSContext,cn=opssRoot is missing in the store; the target DN must be pre-configured.
at oracle.security.jps.internal.credstore.ldap.LdapCredentialStore.init(LdapCredentialStore.java:185)
at oracle.security.jps.internal.credstore.ldap.LdapCredentialStore.start(LdapCredentialStore.java:979)
at oracle.security.opss.internal.runtime.ServiceContextImpl.start(ServiceContextImpl.java:220)
at oracle.security.opss.internal.runtime.ServiceContextManagerImpl.createDefaultContext(ServiceContextManagerImpl.java:325)
at oracle.security.opss.internal.runtime.ServiceContextManagerImpl.initialize(ServiceContextManagerImpl.java:242)
at oracle.security.jps.internal.config.OpssCommonStartup$1.run(OpssCommonStartup.java:156)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.config.OpssCommonStartup.start(OpssCommonStartup.java:140)
... 67 more
Caused by: oracle.security.jps.service.credstore.CredStoreException: JPS-01013: The credential store DN cn=CredentialStore,cn=opssSecurityStore,cn=JPSContext,cn=<OPSS_ROOT_CONTAINER> is missing in the store; the target DN must be pre-configured.
at oracle.security.jps.internal.credstore.ldap.CsfStoreManager.completeInit(CsfStoreManager.java:177)
at oracle.security.jps.internal.credstore.rdbms.CsfDbmsManager.<init>(CsfDbmsManager.java:91)
at oracle.security.jps.internal.credstore.rdbms.CsfDbmsManager.createInstance(CsfDbmsManager.java:72)
at oracle.security.jps.internal.credstore.ldap.CsfStoreManager.getInstance(CsfStoreManager.java:119)
at oracle.security.jps.internal.credstore.ldap.LdapCredentialStore.init(LdapCredentialStore.java:182)
... 74 more

>
####<Jun 26, 2017, 11:29:51,829 AM EDT> <Notice> <WebLogicServer> <DOMAIN_NAME> <AdminServer> <main> <<WLS Kernel>> <> <ENCRYPTED_VALUE> <ENCRYPTED_VALUE> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-000365> <Server state changed to FAILED.>
####<Jun 26, 2017, 11:29:51,861 AM EDT> <Error> <WebLogicServer> <DOMAIN_NAME> <AdminServer> <main> <<WLS Kernel>> <> <ENCRYPTED_VALUE> <ENCRYPTED_VALUE> <[severity-value: 8] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-000383> <A critical service failed. The server will shut itself down.>
####<Jun 26, 2017, 11:29:51,876 AM EDT> <Notice> <WebLogicServer> <DOMAIN_NAME> <AdminServer> <main> <<WLS Kernel>> <> <ENCRYPTED_VALUE> <ENCRYPTED_VALUE> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN.>

Due to this issue, unable start WLS


CAUSE
Based on the document

OPSS : JPS-01055: Could Not Create Credential Store Instance. Reason oracle.security.jps.JpsException JPS-01013 - The Credential Store DN cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot Is Missing In The Store; The Target DN Must Be Pre-configured (Doc ID 2066916.1)

The issue is caused by OPSS schema database corruption, the new OPSS schema needs to be created and then reassociated with domain.

If there is a OPSS DB backup, Restore OPSS DB back in order to start Weblogic Admin Server, later create a new OPSS schema make sure using different name and do reassociation.

It should not create a new OPSS schema with the same name as an existing reassociated OPSS schema, Weblogic Admin Server won't start with the new same name.

After reassociation with the new OPSS DB schema, the Weblogic Admin Server should be able to start up, pointing to new OPSS DB schema

If there is no database backup to restore OPSS schema to start up the Weblogic Admin Server, then re-installation is needed.



SOLUTION
Restore OPSS DB back to the original working one to bring up the WLS. Then create a new OPSS schema with different name and do reassociation. After that, the WLS should be able to start up.

If there is no database backup to restore OPSS schema to bring up the WLS, then complete reinstallation is needed.