Solved: Re: wt.load.LoadFromFile

NSS · ‎May 31, 2023

windchill shell:

windchill wt.load.LoadFromFile -d "D:\PTC\Windchill_12.0\Windchill\src\loadFiles/users.xml"--javaargs="-Dcom.ptc.net.auth.user="wcadmin" -Dcom.ptc.net.auth.password="wcadmin"" -CONT_PATH \"/wt.inf.container.OrgContainer=xxx\"

Error:

The operation: "getPrincipal" failed.

Nested exception is: wt.util.WTRemoteException: Unable to invoke remote method

Nested exception is: wt.method.AuthenticationException

Resolution tried:

1. keytool -import -alias someAliasName -file C:\ptc\Windchill_12.0\HTTPServer\conf\server.crt -storetype jks -keystore c:\ptc\JDK11\lib\security\jssecacerts

2. ant -DHTTPS_ENABLED=true -f config.xml reconfigure

3. Restarted all Apache services

and tried to run the windchill wt.load.LoadFromFile"". still facing the same issue, any suggestions

HelesicPetr · ‎Jun 01, 2023

Hi @NSS

Is the certificate generated to specific server name with full domain? There are several troubles if the certificate is in chain.

Use any app to open the keyStore and check if the store really contains your certificate with correct windchill server name

PetrH

View solution in original post

avillanueva · ‎May 31, 2023

Is it your quotes around wcadmin? You also seem to have mixed slashes in your path for the load file.

HelesicPetr · ‎May 31, 2023

Hi @NSS

I would check all cases described in the article https://www.ptc.com/en/support/article/cs82453

Check if the certificate is really the one that should be used and is really in the key store.

ps: why do you use javaargs instead of -u and -p arguments ?

I would like to see a methodserver log file because the error "getPrincipal failed" show me that the principal may not exist

PetrH

NSS · ‎May 31, 2023

I have used javaargs by referring this article https://www.ptc.com/en/support/article/CS63015

avillanueva · ‎May 31, 2023

correct but you do not need quotes around username and password values.

 --javaargs="-Dcom.ptc.net.auth.user=<username> -Dcom.ptc.net.auth.password=<password>"

NSS · ‎May 31, 2023

I have tried both with and w/o quotes and also please ignore mixed slashes too as I mentioned earlier

it throws same error.

avillanueva · ‎May 31, 2023

Let's take a step back. You can leave off that block and let system prompt you for login. Also, have you tried wt.auth.Authentication to verify that login is working?

NSS · ‎May 31, 2023

wt.auth.Authentication failed.

DEBUG wt.httpgw.HTTPLogin - Failed to get input stream from connection
javax.net.ssl.SSLHandshakeException: No name matching xxx.com found.

Also, next step "wt.server.codebase" value is not getting updated in wt.properties.

HelesicPetr · ‎Jun 01, 2023

Hi @NSS

This error tells you that the ssl certificate in the key store is wrong. So you need to import correct one.

PetrH

NSS · ‎Jun 01, 2023

Hi PetrH,

ssl certificate created by me and followed the steps in the article for importing.

would you like to suggest any idea here on verify the same or any other possibilities.

HelesicPetr · ‎Jun 01, 2023

Hi @NSS

Is the certificate generated to specific server name with full domain? There are several troubles if the certificate is in chain.

Use any app to open the keyStore and check if the store really contains your certificate with correct windchill server name

PetrH