CA Workload Control Center Services do not start - java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
Article ID: 207757
Updated On:
Products
Issue/Introduction
WCC services failed to start with the following exception in the CA-wcc.log -
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | SEVERE: Failed to initialize end point associated with ProtocolHandler ["https-jsse-nio-9443"]
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | java.lang.IllegalArgumentException: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85)
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225)
INFO | jvm 1 | 2021/02/01 01:36:16 | 1 | at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:972)
Environment
WORKLOAD CONTROL CENTER
Cause
The trustStore property in the WCC's wrapper configuration is either missing or invalid.
Resolution
Log on to the WCC host server -
Open the file "$CA_WCC_INSTALL_LOCATION/tomcat/conf/wrapper.conf"
Ensure the java wrapper property "wrapper.java.additional.6=-Djavax.net.ssl.trustStore" is set to the file where the certificates reside. By default WCC is configured to store all it's certificates in the file "$CA_WCC_INSTALL_LOCATION/data/config/.keystore". The appropriate value for the property is below -
wrapper.java.additional.6=-Djavax.net.ssl.trustStore=%CA_WCC_INSTALL_LOCATION%/data/config/.keystore
Restart WCC services
Additional Information
For 11.4.x: Verify the same in the "$CA_WCC_INSTALL_LOCATION/tomcat_32/conf/wrapper.conf" as well.
Feedback
