Running AdminUI, when trying to import a simple certificate, AdminUI reports an error

book

Article ID: 131227

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We're running running an AdminUI, when we try to import a simple
certificate, AdminUI reports an error :

Error: System error while attempting to import: One or more
exceptions trying to commit keystore changes. Please consult the logs.

Cause

Looking at the CDS log and the AdminUI log, we see that already a
certificate with the same subject exists :

cds.log 

  [Apr 23 2019 10:23:02,060] CertificateDataStore [ERROR] 
  CertificateDataStoreImpl.addCertificateToDB(): The certificate 
  already exists in the Certificate Data Store with alias 
  "my_test_sign". Cert Subject: 
  CN=mytest,O=sign,ST=myState,C=myCountry Cert Serial Number: 00 

server.log 

  2019-04-23 10:23:02,060 [ERROR] 
  com.ca.fedpki.api.remote.FedPkiKeyStore [] - **ERROR** 
  java.security.cert.CertificateException commiting keystore change for 
  alias my_test_sign_new. 
  java.security.cert.CertificateException: Could 
  not add certificate 'my_test_sign_new' (check logs for reason) 
 

Environment

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution

In the AdminUI, remove the old certificate. Then add the new
certificate.