search cancel

CA Identity Manager fails to start on vApp

book

Article ID: 201691

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

The CA Identiy Manager (IM) Virtual Appliance fails to start logging an exception in the application server log.

 

/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)

 

Full error message:

2020-10-18 09:58:52,985 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.WebSslRealm.key-manager: JBAS015229: Unable to start service
 at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:154)
 at org.jboss.as.domain.management.security.FileKeyManagerService.start(FileKeyManagerService.java:119)
 at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
 at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.2.Final.jar:1.2.2.Final]
 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_212]
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_212]
 at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_212]
Caused by: java.io.FileNotFoundException: /opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates/caim-srv (Permission denied)
 at java.io.FileInputStream.open0(Native Method) [rt.jar:1.8.0_212]
 at java.io.FileInputStream.open(FileInputStream.java:195) [rt.jar:1.8.0_212]
 at java.io.FileInputStream.<init>(FileInputStream.java:138) [rt.jar:1.8.0_212]
 at java.io.FileInputStream.<init>(FileInputStream.java:93) [rt.jar:1.8.0_212]
 at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:112)
 ... 6 more

Cause

The problem was as a result of caim-srv file permissions being changed in the following directory.

/opt/CA/VirtualAppliance/custom/wildfly-ssl-certificates


This was caused by manual intervention when a back up was manually taken and the caim-srv file had its permissions set chmod 400 

r--------

Environment

Release : 14.x

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Resolution

 

Reset to default permission to chmod 644

rw-r--r-- 

and after the vApp was reboot IM works as expected.