I discussed about issue Oracle AccessGate API is not initialized with OAM 11g with WebGate 10g where CERTIFICATES expired . In this post I am going to cover similar issue but in OAM 11g version.
After integrating OAM 11g WebGate for OHS with OAM 11g Server version configured in SIMPLE (this issue could be with CERT as well), I was unable to access resource via OHS.
In OHS Error logs at $ORACLE_INSTANCE/diagnostics/logs/OHS/ohs1/ohs1.log
________
[2013-10-05T23:40:30.2335+01:00] [OHS] [ERROR:32] [OHS-9999] [core.c] [client_id: 127.0.0.1] [host_id: ohs_host] [host_addr: 192.168.1.12] [tid: 47414834960704] [user: oracle] [ecid: 004u0ORAPh7EkJWjLxiOOA0006uI00000L] [rid: 0] [VirtualHost: main] OBWebGate_AuthnAndAuthz: Oracle AccessGate API is not initialized.
In Oblix logs (OAM is product from Oblix that Oracle acquired in 2005) at $ORACLE_INSTANCE/diagnostics/logs/OHS/ohs1/oblog.log
________
2013/10/05@22:43:10.23081 28337 28356 ACCESS_GATE FATAL 0x00001520 /ade/aime_50561/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:598 “Exception thrown during WebGate initialization” 2013/10/05@22:43:10.23095 28337 28356 ACCESS_GATE FATAL 0x0000181C /ade/aime_50561/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:599 “Oracle AccessGate API is not initialized.” raw_code^204
________
If you encounter this issue, check if WebGate (configured on OHS server) can connect to OAM Server on port mentioned in primary_server_list . OAM server details are stored in WebGate configuration file (on OHS server) at $ORACLE_INSTANCE/ config/ OHS/ ohs1/ webgate/ config/ObAccessClient.xml (other files generated based on password selected for Agent and OAM server mode (SIMPLE or CERT) password.xml, cwallet.sso, aaa_cert.pem, aaa_key.pem)
Check mode of OAM Server and if this is SIMPLE or CERT then you should see files aaa_cert.pem & aaa_key.pem under folder $ORACLE_INSTANCE/ config/ OHS/ ohs1/ webgate/ config/ simple
Note: OAM can be configured in one of three modes OPEN, SIMPLE, CERT , for steps to change communication MODE in OAMclick here
Issue: In my case .pem file under folder simple were missing (other reason could be that files are there but certificate inside these files are expired)
Note: These files are generated on OAM server under
a) If WebGate instance is created using RREG then files will be generated under $OAM_ORACLE_HOME/oam/server/rreg/output
b) If WebGate instance is created/updated using OAM console then files will be generated under $DOMAIN_HOME/output/[WEBGATE_NAME]
I installed OAM 11G R2 11.1.2.2 on centos 7.
In same VM installed apache 2.4.6 and installed 11g web gate.
But when i start apache, i was getting below error
Cannot load /opt/oamapachewebgate/webgate/apache/lib/webgatessl.so into server: /opt/oamapachewebgate/webgate/apache/lib/webgatessl.so: wrong ELF class: ELFCLASS32
Now getting below error while starting apache web server.
Jan 18 16:21:40 localhost.localdomain httpd[5015]: AH00526: Syntax error on line 12 of /etc/httpd/conf/webgate.conf:
Jan 18 16:21:40 localhost.localdomain httpd[5015]: Invalid command ‘WebGateInstalldir’, perhaps misspelled or defined by a module not included in the server configuration
Jan 18 16:21:40 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE