Autosys web server error javax.security.auth.login.LoginException: org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use RSA key with non-approved size: 1024: RSA
Article ID: 221902
Updated On:
Products
Issue/Introduction
After upgrading from 11.x to 12.x, below error shows up in the waae_webservices_wrapper.log when AEWS URL is used with appropriate credentials:
INFO | jvm 1 | 2021/08/17 10:04:08 | 17-Aug-2021 10:04:08.133 WARNING [https-jsse-nio-9443-exec-4] org.apache.catalina.realm.JAASRealm.authenticate Login exception authenticating username [ejmadmin]
INFO | jvm 1 | 2021/08/17 10:04:08 | javax.security.auth.login.LoginException: org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use RSA key with non-approved size: 1024: RSA
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.bouncycastle.crypto.fips.FipsRSA$SignatureOperatorFactory.createSigner(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.bouncycastle.crypto.fips.FipsRSA$SignatureOperatorFactory.createSigner(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.bouncycastle.jcajce.provider.ProvRSA$AdaptiveSignatureOperatorFactory.createSigner(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.bouncycastle.jcajce.provider.ProvRSA$AdaptiveSignatureOperatorFactory.createSigner(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.bouncycastle.jcajce.provider.BaseSignature.engineInitSign(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.security.Signature$Delegate.engineInitSign(Signature.java:1329)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.security.Signature.initSign(Signature.java:621)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.itechnology.iclient.IclUtil.signData(IclUtil.java:2482)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.itechnology.iclient.IclUtil.buildMethod(IclUtil.java:905)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.itechnology.iclient.IclMethod.runBatMethod(IclMethod.java:186)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.itechnology.iclient.Iclient.runBatMethod(Iclient.java:580)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.itechnology.iclient.Iclient.runMethod(Iclient.java:496)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.eiam.poz.Network.RunMethod(Network.java:90)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.eiam.poz.PozFactory.attachPoz(PozFactory.java:326)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.eiam.SafeContext.attach(SafeContext.java:1441)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.createSafeContextUsingJAASConfig(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.createSafeContextInstance(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.getSafeContextUsingSCF(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.getSafeContextFacade(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.authenticateWithPassword(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at com.ca.waae.security.AEEiamLoginModule.login(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at sun.reflect.GeneratedMethodAccessor60.invoke(Unknown Source)
INFO | jvm 1 | 2021/08/17 10:04:08 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.lang.reflect.Method.invoke(Method.java:498)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.security.AccessController.doPrivileged(AccessController.java:770)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:418)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:332)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.authenticator.BasicAuthenticator.doAuthenticate(BasicAuthenticator.java:101)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:631)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:688)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.lang.Thread.run(Thread.java:821)
INFO | jvm 1 | 2021/08/17 10:04:08 |
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.security.AccessController.doPrivileged(AccessController.java:770)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
INFO | jvm 1 | 2021/08/17 10:04:08 | at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:418)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:332)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.authenticator.BasicAuthenticator.doAuthenticate(BasicAuthenticator.java:101)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:631)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:688)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
INFO | jvm 1 | 2021/08/17 10:04:08 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
INFO | jvm 1 | 2021/08/17 10:04:08 | at java.lang.Thread.run(Thread.java:821)
Environment
Release : 12.0
Component :
Cause
Autosys's EEM certificate (in the Autosys tables) is using 1024 bit keys
Resolution
Use autosys_secure to regenerate EEM cert for Autosys (NOT WCC, just autosys) using the first section of the document here: https://ca-broadcomcsm.wolkenservicedesk.com/wolken/esd/knowledgebase_search?articleId=9957
Feedback
