wcc_config error: E150012 - Unexpected error occurred during processing the command

book

Article ID: 198605

calendar_today

Updated On:

Products

CA Workload Automation AE

Issue/Introduction

The CA Workload control center configuration utility wcc_config  returns the following error:

[[email protected]:/opt/CA/WorkloadCC/bin]# ./wcc_config.sh -u ejmcommander -p ejmcommander -dbapp WCC --dbplatform oracle --dbtnspath /opt/oracle/app/product/12.1.0/client_1/network/admin/ --dbtnsname WCCDB --dbuser wcc --dbpassword xxxxxx
Logging in as 'ejmcommander' - SUCCESS

E150012 - Unexpected error occurred during processing the command.

The below message appeared in the wcc_config log: /opt/CA/WorkloadCC/log/application/cli/wcc_config.log -

[ <main> [] ] ERROR 2020-09-01 16:03:05,190  com.ca.uejm.access.providers.EmbIAMAccessProvider Cannot init EEM SDK to FIPS mode. [SafeConfigurator::initItech: itech initialization failed]
com.ca.eiam.SafeException: EE_EXCEPTION Exception; eiam.config location was: /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config
[ <main> [] ] ERROR 2020-09-01 16:03:08,589  root
java.lang.NullPointerException
        at java.util.Hashtable.put(Hashtable.java:460)
        at java.util.Properties.setProperty(Properties.java:166)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.doDBChanges(ConfigurationCommand.java:1338)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.main(ConfigurationCommand.java:970)
[ <main> [] ] ERROR 2020-09-01 16:07:22,966  com.ca.uejm.access.providers.EmbIAMAccessProvider Cannot init EEM SDK to FIPS mode. [SafeConfigurator::initItech: itech initialization failed]
com.ca.eiam.SafeException: EE_EXCEPTION Exception; eiam.config location was: /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config
[ <main> [] ] ERROR 2020-09-01 16:07:30,431  root
java.lang.NullPointerException
        at java.util.Hashtable.put(Hashtable.java:460)
        at java.util.Properties.setProperty(Properties.java:166)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.doDBChanges(ConfigurationCommand.java:1338)
        at com.ca.wcc.config.command.cli.ConfigurationCommand.main(ConfigurationCommand.java:970)

Cause

The issue observed after modifying the /opt/CA/WorkloadCC/data/config/application/config/resources/eiam.config on the WCC server to address the Bouncy Castle vulnerability.

<SDK type="Java">
        <iTechSDK>
                <!-- possible values are OFF/ON. This tag is used to override the default initialization. By default it is set to OFF -->
               <FIPSMode>On</FIPSMode>
               <JCEProvider>BCFIPS</JCEProvider>   <!--Note: Default JCEProvider was set to "JsafeJCE" -->
               <Security>
                        <!-- possible values are MD5/SHA1/SHA256/SHA384/SHA512 -->
                        <digestAlgorithm>SHA1</digestAlgorithm>
                        <keyLength>2048</keyLength>
                </Security>
                <Debug>
                        <!-- possible values are severe/warning/info/config/fine/finer/finest/all/off -->
                        <logLevel>off</logLevel>
                        <!-- possible values are true/false -->
                        <logToFile>true</logToFile>
                        <!-- log file name -->
                        <logFile></logFile>
                        <!-- log file size in MB (positive integer) -->
                        <maxLogSize>1000</maxLogSize>
                </Debug>
        </iTechSDK>
</SDK>

The current issue surfaced due to no relevant security provider found in the java security configuration file.

Environment

Release : 11.4

Component : CA Workload Control Center

Resolution

  1. Shutdown CA WCC services
  2. Appended the following files to add "security.provider.10=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider
    /opt/CA/WorkloadCC/jre/lib/security/java.security 
    /opt/CA/WorkloadCC/jre_32/lib/security/java.security
  3. Start CA WCC services
  4. Rerun the wcc_config utility