search cancel

wcc_config error: E150012 - Unexpected error occurred during processing the command

book

Article ID: 198605

calendar_today

Updated On:

Products

CA Workload Automation AE

Issue/Introduction

The CA Workload control center configuration utility wcc_config  returns the following error:

[[email protected]:/opt/CA/WorkloadCC/bin]# ./wcc_config.sh -u ejmcommander -p ejmcommander -dbapp WCC --dbplatform oracle --dbtnspath /opt/oracle/app/product/12.1.0/client_1/network/admin/ --dbtnsname WCCDB --dbuser wcc --dbpassword xxxxxx
Logging in as 'ejmcommander' - SUCCESS

E150012 - Unexpected error occurred during processing the command.

The below message appeared in the wcc_config log: /opt/CA/WorkloadCC/log/application/cli/wcc_config.log -

[ <main> [] ] ERROR 2020-09-01 16:03:05,190  com.ca.uejm.access.providers.EmbIAMAccessProvider Cannot init EEM SDK to FIPS mode. [SafeConfigurator::initItech: itech initialization failed]
com.ca.eiam.SafeException: EE_EXCEPTION Exception; eiam.config location was: /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config
[ <main> [] ] ERROR 2020-09-01 16:03:08,589  root
java.lang.NullPointerException
        at java.util.Hashtable.put(Hashtable.java:460)
        at java.util.Properties.setProperty(Properties.java:166)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.doDBChanges(ConfigurationCommand.java:1338)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.main(ConfigurationCommand.java:970)
[ <main> [] ] ERROR 2020-09-01 16:07:22,966  com.ca.uejm.access.providers.EmbIAMAccessProvider Cannot init EEM SDK to FIPS mode. [SafeConfigurator::initItech: itech initialization failed]
com.ca.eiam.SafeException: EE_EXCEPTION Exception; eiam.config location was: /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config
[ <main> [] ] ERROR 2020-09-01 16:07:30,431  root
java.lang.NullPointerException
        at java.util.Hashtable.put(Hashtable.java:460)
        at java.util.Properties.setProperty(Properties.java:166)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.doDBChanges(ConfigurationCommand.java:1338)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.main(ConfigurationCommand.java:970)

Environment

Release : 11.4

Component : CA Workload Control Center

Cause

The issue observed after modifying the /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config on the WCC server to address the Bouncy Castle vulnerability.

<SDK type="Java">
        <iTechSDK>
                <!-- possible values are OFF/ON. This tag is used to override the default initialization. By default it is set to OFF -->
               <FIPSMode>On</FIPSMode>
               <JCEProvider>BCFIPS</JCEProvider>   <!--Note: Default JCEProvider was set to "JsafeJCE" -->
               <Security>
                        <!-- possible values are MD5/SHA1/SHA256/SHA384/SHA512 -->
                        <digestAlgorithm>SHA1</digestAlgorithm>
                        <keyLength>2048</keyLength>
                </Security>
                <Debug>
                        <!-- possible values are severe/warning/info/config/fine/finer/finest/all/off -->
                        <logLevel>off</logLevel>
                        <!-- possible values are true/false -->
                        <logToFile>true</logToFile>
                        <!-- log file name -->
                        <logFile></logFile>
                        <!-- log file size in MB (positive integer) -->
                        <maxLogSize>1000</maxLogSize>
                </Debug>
        </iTechSDK>
</SDK>

The current issue surfaced due to no relevant security provider found in the java security configuration file.

Resolution

  1. Shutdown CA WCC services
  2. Appended the following files to add "security.provider.10=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider
    /opt/CA/WorkloadCC/jre/lib/security/java.security 
    /opt/CA/WorkloadCC/jre_32/lib/security/java.security
  3. Start CA WCC services
  4. Rerun the wcc_config utility