Unable to create agent install packages in a non-production environment after cloning the production database.
Despite the error message, you can use keytool.exe without a password to view the details of the certificate_authority_v1.jks file.
Source: com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController
Message: Unable to generate an agent install package. The certificate authority keystore is missing or corrupt. Please repair the keystore before creating an agent package.
This error could manifest after installing Enforce on a non-production server and then attaching a cloned copy of a database from another environment.
The password stored in the cloned Oracle database is for the original copy of the certificate authority keystore file (certificate_authority_v1.jks) located on the production server.
The AgentPackageController retrieves an encrypted password from the Oracle database when generating a keypair using the certificate_authority_v1.jks file.
However, the password stored in the database is for the original file on the production Enforce server and the file on the non-production Enforce server has a different password so the operation fails.
The keystore file's password is randomly-generated at install and is non-recoverable.
There are multiple ways to resolve this situation.
If you have access to the original keystore file from the production server, then copy the original keystore file to the non-production server:
Another possible solution is to update the password for the certificate_authority_v1.jks using the Enforce console: