search cancel

EEM lost all applications after the restart and does allow to log users from AD/internal store

book

Article ID: 201458

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager CA Service Catalog Process Automation Manager

Issue/Introduction

EEM lost all applications after the restart and does allow to log users from AD/internal store

Error in the logs:

WARN : Setting pswitch to autodetect StartTLS protocol [116]

WARN : Certificate 'config/ssld/personalities/itechpoz.pem' is outside of validity date range

WARN : Unable to get certificate from 'config/ssld/personalities/itechpoz.pem' [116]

WARN : set_cert_stuff failed [116] 

WARN : Cannot get personality [116]

WARN : Cannot create an SSL context

Cause

Customer installed its own certificate which expired

Environment

Release : 17.2

Component : SERVICE DESK MANAGER / Catalog / PAM

Resolution

Follow the steps below to re-create and replace with a self-signed certificate:

On the CA EEM Server where the certificates have to be issued, navigate to the following location:
EIAM_HOME/bin
Execute the following command:
java -jar eiam-clustersetup.jar
A confirmation message appears.
Type Y and press Enter.
Execute the following command
modifycerts
The following message appears:
Enter Certificate KeyLength [default = 1024]
Do one of the following steps:
To accept the default KeyLength, press Enter.
To specify a different KeyLength, type the desired option and press Enter


Additional Information

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-identity-and-access-management/ca-embedded-entitlements-manager/12-6/configuring/certificates-with-custom-key-length-for-ca-eem-server/how-to-generate-the-certificates.html