Error 16: GSKKM_ERR_DATABASE_INVALID_PASSWORD when you generate or view a certificate

book

Article ID: 178115

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction

The customer reports that they are unable to view any existing certificates or create any new certificates via the SSIM web interface.

Symptoms

When the customer tries to view or create a certificate they will get an error very similar to the one below.

Error: 16

Please refer to the GSKCapiCmd User's Guide
for the meaning of the error.

Error id: GSKKM_ERR_DATABASE_INVALID_PASSWORD
Details: /etc/symantec/ses/key.kdb

Cause

The password for the key db are created randomly and on a rare occaision the randomly generated password will contain a "-" minus sign as the first character of the password. The certficate tool is unable to handle a password of this format and will return the error message above.

Resolution

Run the following command to get your existing password...

/opt/Symantec/simserver/bin/get_stash_pwd.pl /etc/symantec/ses/key.sth

You can change the password using the following command:

gsk7cmd.ssim –keydb –changepw -db /etc/symantec/ses/key.kdb –new_pw <"some password not beginning with -"> -stash

This will prompt you for existing password. You should enter the password you get from the first command.