search cancel

r12 WCC, wcc_config gives Exception in thread "main" org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use RSA key with non-approved size: 1024: RSA

book

Article ID: 214385

calendar_today

Updated On:

Products

CA Workload Automation AE

Issue/Introduction

Trying to run  change_eem.sh,   customer gets an error

log4j:WARN No appenders could be found for logger (com.ca.wcc.encrypt.Cryptor).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Exception in thread "main" org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use RSA key with non-approved size: 1024: RSA
        at org.bouncycastle.crypto.fips.FipsRSA$SignatureOperatorFactory.createSigner(Unknown Source)
        at org.bouncycastle.crypto.fips.FipsRSA$SignatureOperatorFactory.createSigner(Unknown Source)
        at org.bouncycastle.jcajce.provider.ProvRSA$AdaptiveSignatureOperatorFactory.createSigner(Unknown Source)
        at org.bouncycastle.jcajce.provider.ProvRSA$AdaptiveSignatureOperatorFactory.createSigner(Unknown Source)
        at org.bouncycastle.jcajce.provider.BaseSignature.engineInitSign(Unknown Source)
        at java.security.Signature$Delegate.engineInitSign(Signature.java:1329)
        at java.security.Signature.initSign(Signature.java:621)
        at com.ca.itechnology.iclient.IclUtil.signData(IclUtil.java:2482)
        at com.ca.itechnology.iclient.IclUtil.buildMethod(IclUtil.java:905)
        at com.ca.itechnology.iclient.IclMethod.runBatMethod(IclMethod.java:186)
        at com.ca.itechnology.iclient.Iclient.runBatMethod(Iclient.java:580)
        at com.ca.itechnology.iclient.Iclient.runMethod(Iclient.java:496)
        at com.ca.eiam.poz.Network.RunMethod(Network.java:90)
        at com.ca.eiam.poz.PozFactory.attachPoz(PozFactory.java:326)
        at com.ca.eiam.SafeContext.attach(SafeContext.java:1441)
        at com.ca.uejm.access.providers.EmbIAMAccessProvider.establishSafeContext(Unknown Source)
        at com.ca.uejm.access.providers.EmbIAMAccessProvider.isExternalDirectoryUsed(Unknown Source)
        at com.ca.wcc.config.command.cli.EEMChangeCommand.validateOldEEM(EEMChangeCommand.java:520)
        at com.ca.wcc.config.command.cli.EEMChangeCommand.main(EEMChangeCommand.java:371)

 

Environment

Release : 11.3

Component : CA Workload Automation Database Agent

Resolution

1) use new/updated wcc.pem/wcc.key files copied into data/config
2) then run change_eem.sh instead of wcc_config.sh with newly