CA Identity Manager fails to start on vApp

search cancel

CA Identity Manager fails to start on vApp

book

Article ID: 201691

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

The CA Identiy Manager (IM) Virtual Appliance fails to start logging an exception in the application server log.

/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)

Full error message:

2020-10-18 09:58:52,985 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: JBAS015229: Unable to start service
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:154)
at org.jboss.as.domain.management.security.FileKeyManagerService.start(FileKeyManagerService.java:119)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_212]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_212]
at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_212]
Caused by: java.io.FileNotFoundException: /opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)
at java.io.FileInputStream.open0(Native Method) [rt.jar:1.8.0_212]
at java.io.FileInputStream.open(FileInputStream.java:195) [rt.jar:1.8.0_212]
at java.io.FileInputStream.<init>(FileInputStream.java:138) [rt.jar:1.8.0_212]
at java.io.FileInputStream.<init>(FileInputStream.java:93) [rt.jar:1.8.0_212]
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:112)
... 6 more

Environment

Release : 14.x

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Cause

The problem was as a result of caim-srv file permissions being changed in the following directory.

/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates

This was caused by manual intervention when a back up was manually taken and the caim-srv file had its permissions set chmod 400

r--------

Resolution

Reset to default permission to chmod 644

rw-r--r--

and after the vApp was reboot IM works as expected.

Feedback

thumb_up Yes

thumb_down No