search cancel

JCS not available on Linux server

book

Article ID: 201155

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Utilizing an on premise (non vApp) Identity Manager setup, JCS is not usable. (JCS is installed on a Linux server)

The process is up however JCS is not responding.

We already tried following

https://knowledge.broadcom.com/external/article/41395/jcs-running-but-not-handling-requests.html

However, the data folder is not created / populated after JCS has been restarted.

Cause

Low entropy causing the service not to start properly

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager) - Linux based JCS

Resolution

Ensure entropy level is sufficient (between 2000-3000)

cat /proc/sys/kernel/random/entropy_avail to verify current entropy and adjust as needed

Additional Information

This issue is not relevant to vApp running the latest vApp CPs. The Random Number Generator (RNGD) service used for setting up the entropy is disabled on the Virtual Appliance in those releases.

It has been observed that the RNGD service consumes excessive CPU thus impacting the other services on the Virtual Appliance. The RNGD service is now disabled and services like JCS are modified to run without the help of RNGD, using /dev/urandom.
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-suite/14-3/release-notes/Virtual-Appliance-Release-Notes/14_3-CP1-Release-Notes.html