proxyui ssl keystore error

book

Article ID: 195307

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction


This issue is related SSL configuration on Access Gateway in production environment when apply a keystore password with special characters like % and $.

The error is:
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-9543"]
java.io.IOException: Keystore was tampered with, or password was incorrect

where 9543 is SSL port.




However if we apply a keystore password without special characters with only number and letters SSL configuration works well.

Cause

the special charactors may also be interpreted as escape characters. 

Environment

CA Access Gateway: 12.6 12.8 SP4. 

Resolution

When you run the ./GenerateSSLConfig.sh -keystorepass,  putting the password in quotes like so resolves the issue. 

EXAMPLE:

On Redhat:  ./GenerateSSLConfig.sh -keystorepass 'myPA$$wo%d'

On windows:  .\GenerateSSLConfig.Bat -keystorepass 'myPA$$wo%d'

Attachments

1594930589025__Vault error when keystore password contains special characters - Red Hat Customer Portal.pdf get_app