Policy manager 10.1 cannot launch or take long time to show the login window
search cancel

Policy manager 10.1 cannot launch or take long time to show the login window


Article ID: 226767


Updated On:


CA API Gateway Enterprise Service Manager (Layer 7) API SECURITY CA API Gateway CA Mobile API Gateway CA Rapid App Security STARTER PACK-7


Users of linux machines are now failing to connect to PolicyManager server after updated to version 10

These users previously were able to have full connectivity to version 9 of the PolicyManager using Java 8

Once the desktop client (Manaher.sh) started to use the required Java 11 the application fails to respond on time with reported launch times of up to 10 minutes.

Once the application is launched the UI becomes very unresponsive to the point of making it unusable


Sample user launch command

javaInstallation/jdk-11.0.12/bin/java -Xmx1024M -Xss1024k -server -Dcom.l7tech.proxy.listener.maxthreads=300 -Dsun.net.inetaddr.ttl=10 -Dnetworkaddress.cache.ttl=10 -Dfile.encoding=UTF-8 -Duser.language=en -Duser.country=US --add-opens=java.base/sun.security.jca=ALL-UNNAMED --add-opens=jdk.crypto.ec/sun.security.ec=ALL-UNNAMED -Dprism.verbose=true -jar Manager.jar

Sample User Machine Details

Linux user-machine 5.4.0-77-generic #86-Ubuntu SMP Thu Jun 17 02:35:03 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux


    description: Notebook
    product: HP ZBook 14u G6 (4YP08AV)
    vendor: HP
    width: 64 bits
    capabilities: smbios-3.1.0 dmi-3.1.0 smp vsyscall32

       description: Motherboard
       product: 8549
       vendor: HP
       physical id: 0
       version: KBC Version 52.5F.00
          description: System Memory
          physical id: 7
          slot: System board or motherboard
          size: 32GiB

          description: CPU
          product: Intel(R) Core(TM) i7-8565U CPU @ 1.80GHz
          vendor: Intel Corp.
          physical id: 15
          bus info: cpu@0
          version: Intel(R) Core(TM) i7-8565U CPU @ 1.80GHz
          serial: To Be Filled By O.E.M.
          slot: U3E1
          size: 1948MHz
          capacity: 4600MHz
          width: 64 bits
          clock: 100MHz


Release :

Component :


The random number generation delays the JVM.

/dev/random is the default generator for SUN's JVM, it can potentially block the Policy Manager process because on some operating systems /dev/random waits for a certain amount of "noise" to be generated on the host machine before returning a result. 


To test it,

time head -n1 /dev/random


If the command does not return immediately, use /dev/urandom instead


Edit the javainstallfolder/conf/security/java.security,