Running AdminUI, when trying to import a simple certificate, AdminUI reports an error

Article Id: 131227

Status: Published

Updated On: 23-04-2019 07:01

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

We're running running an AdminUI, when we try to import a simple
certificate, AdminUI reports an error :

Error: System error while attempting to import: One or more
exceptions trying to commit keystore changes. Please consult the logs.

Cause:

Looking at the CDS log and the AdminUI log, we see that already a
certificate with the same subject exists :

cds.log

[Apr 23 2019 10:23:02,060] CertificateDataStore [ERROR]
CertificateDataStoreImpl.addCertificateToDB(): The certificate
already exists in the Certificate Data Store with alias
"my_test_sign". Cert Subject:
CN=mytest,O=sign,ST=myState,C=myCountry Cert Serial Number: 00

server.log

2019-04-23 10:23:02,060 [ERROR]
com.ca.fedpki.api.remote.FedPkiKeyStore [] - **ERROR**
java.security.cert.CertificateException commiting keystore change for
alias my_test_sign_new.
java.security.cert.CertificateException: Could
not add certificate 'my_test_sign_new' (check logs for reason)

Environment:

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution:

In the AdminUI, remove the old certificate. Then add the new
certificate.