When running SSlConfig, it fails and the following error is seen in the SSlConfig.log file:

DEBUG | 2024-10-04 16:59:55,505 | com.ca.im.portal.sslConfig.impl.config.configsteps.CertificateStep | Step failed
java.io.IOException: Keystore was tampered with, or password was incorrect
    at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) ~[?:?]
    at sun.security.util.KeyStoreDelegator.engineLoad(Unknown Source) ~[?:?]
    at java.security.KeyStore.load(Unknown Source) ~[?:?]
    at java.security.KeyStore.getInstance(Unknown Source) ~[?:?]
    at java.security.KeyStore.getInstance(Unknown Source) ~[?:?]
    at com.ca.im.portal.sslConfig.impl.config.configsteps.CertificateStep.trustCertificate(CertificateStep.java:424) ~[portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.config.configsteps.CertificateStep.performStep(CertificateStep.java:148) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.config.ConfigStep.performConfigurationStep(ConfigStep.java:58) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.app.SslConfiguration.performConfiguration(SslConfiguration.java:178) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.app.SslConfiguration.configurePerformanceCenterForSSL(SslConfiguration.java:107) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.app.SslConfigUtility.configureSSL(SslConfigUtility.java:334) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.app.SslConfigUtility.showMainMenu(SslConfigUtility.java:213) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.app.SslConfigUtility.run(SslConfigUtility.java:65) [portal.ssl.config.jar:?]
    at com.ca.im.portal.sslConfig.impl.SslConfig.main(SslConfig.java:64) [portal.ssl.config.jar:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
    at com.zerog.lax.LAX.launch(Unknown Source) [lax.jar:?]
    at com.zerog.lax.LAX.main(Unknown Source) [lax.jar:?]
Caused by: java.security.UnrecoverableKeyException: Password verification failed
    ... 20 more
INFO  | 2024-10-04 16:59:55,511 | com.ca.im.portal.sslConfig.impl.utils.OutputUtils |    The step failed to run: Keystore was tampered with, or password was incorrect

Version: Any

The following could be the root cause of the error:

• Entered the password for the Java Trust-store incorrectly
• The keystore password has special characters
• rngd not installed

• The default password for the Java Trust-store is changeit. If this has been changed, you will need to enter the changed password.
• If the keystore password has special characters, try putting single quotes around the password
• Install rng-tools
  
   

What is the RNGD service in Linux?

Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).

To install, run the following as the root user:

yum install rng-tools
service rngd start

NOTE: rng-tools is not a required package for the installation. However, for systems where little UI activity happens (aka headless VMs), there is little data being generated like mouse movements, etc to generate random data for /dev/random for things like SALT generation for encryption.