APM IA - WebServer agent - Can't read encrypted keystore password

book

Article ID: 145185

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management

Issue/Introduction

Requirement to monitor web servers in non permissive mode, certificates have been imported in keystore and resolved the trust.
The truststore password was entered in the bundle.properties in plain text

After first start all is good.

After the restart the agent can't read the password (which is now encrypted by the agent itself) from bundle.properties:

     [ERROR] [IntroscopeAgent.WebserverMonitor.WebServerMonitorEngine] I/O error reading truststore file: Keystore was tampered with, or password was incorrect

After the password gets re-entered it works when the agent is started, after the next restart it is broken again.

 

Cause

The password was being re-encrypted after every restart of the APM Infrastructure Agent.
For example

1st restart

     webserver.truststore.password=ENC[TMTYQnBLvYa9T+QPJ2Fv10PLxl+V6qqraooK9/QYAs8=

 

2nd restart

     webserver.truststore.password=ENC[lopJHTanpZdlwf8NsfP0Kn+wnQtSa5xfHZUFflayyruSX/axngjSoWcMI3+6zZAB30idtUodH3E=

Environment

Release : 10.7.0

Component : APM Agents

Resolution

A fix was created and would be included in the next release, 10.7 SP4

Related defect is DE442499