"Failed to generate agent installer package. Try again later." seen in the Enforce Console while creating an agent installer package
search cancel

"Failed to generate agent installer package. Try again later." seen in the Enforce Console while creating an agent installer package

book

Article ID: 163329

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

You are receiving an error stating "Failed to generate agent installer package. Try again later." in the Enforce Console while creating an agent installer package and the following error is logged:

Thread: 94 SEVERE [com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController] Unable to generate agent install package: Error generating agent installer package

Cause:
com.vontu.enforce.domainlayer.endpoint.packaging.AgentPackageException: Error generating agent installer package
com.vontu.enforce.domainlayer.certificate.CertificateException: com.vontu.communication.transport.exception.CertificateException: Failed to generated client keysException on execution of command 
com.vontu.communication.transport.exception.CertificateException: Failed to generated client keysException on execution of command 
com.vontu.communication.transport.exception.CertificateException: Exception on execution of command 
java.io.IOException: Cannot run program "D:\SymantecDLP\jre\bin\keytool": CreateProcess error=193, %1 is not a valid Win32 application
java.io.IOException: CreateProcess error=193, %1 is not a valid Win32 application

Cause

The keytool.exe file under java directory is not accessible to DLP service user on enforce

For version 15.8 and above, the JRE path is "<Install_Dir>:\Program Files\AdoptOpenJRE\JRE<version>\bin".

Resolution

Please follow below mentioned instructions:

      1. Verify if keytool.exe under location <Install_Dir>:\Program Files\AdoptOpen\JRE<version>\bin is blocked with security tool.
      2. Verify if DLP service user has full access to keytool.exe if not follow below steps.
        • Right clicj keytool.exe > properties > security.
        • Add the DLP service user if not already added and provide full control.
      3. Possibly keytool.exe is corrupt and may need to be replaced from a working machine or new enforce package of same version can be downloaded from Broadcom support portal. Follow below steps:
        • Stop all Symantec DLP Enforce Services as outlined in TECH220062
        • Take a backup of Keytool.exe (located in <Install_Dir>:\Program Files\AdoptOpen\JRE<version>\bin by default)
        • Copy Keytool.exe from your lab (or another location) and replace the failing one on the Enforce server, where package generation is failing, in the same directory (<Install_Dir>:\Program Files\AdoptOpenJRE\JRE\bin by default)
          • Ensure this is for the same version of DLP.  *This tool is version specific*
        • Restart Symantec DLP Enforce Services as outlined in TECH220062
        • Attempt package generation again
Powered by Wolken Software