The CA Identiy Manager (IM) Virtual Appliance fails to start logging an exception in the application server log.
/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)
Full error message:
2020-10-18 09:58:52,985 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: JBAS015229: Unable to start service
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:154)
at org.jboss.as.domain.management.security.FileKeyManagerService.start(FileKeyManagerService.java:119)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_212]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_212]
at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_212]
Caused by: java.io.FileNotFoundException: /opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)
at java.io.FileInputStream.open0(Native Method) [rt.jar:1.8.0_212]
at java.io.FileInputStream.open(FileInputStream.java:195) [rt.jar:1.8.0_212]
at java.io.FileInputStream.<init>(FileInputStream.java:138) [rt.jar:1.8.0_212]
at java.io.FileInputStream.<init>(FileInputStream.java:93) [rt.jar:1.8.0_212]
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:112)
... 6 more
Release : 14.x
Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)
The problem was as a result of caim-srv file permissions being changed in the following directory.
/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates
This was caused by manual intervention when a back up was manually taken and the caim-srv file had its permissions set chmod 400
r--------
Reset to default permission to chmod 644
rw-r--r--
and after the vApp was reboot IM works as expected.