Policy manager 10.1 cannot launch or take long time to show the login window
search cancel

Policy manager 10.1 cannot launch or take long time to show the login window

book

Article ID: 226767

calendar_today

Updated On:

Products

CA API Gateway Enterprise Service Manager (Layer 7) API SECURITY CA API Gateway CA Mobile API Gateway CA Rapid App Security STARTER PACK-7

Issue/Introduction

Users of linux machines are now failing to connect to PolicyManager server after updated to version 10

These users previously were able to have full connectivity to version 9 of the PolicyManager using Java 8

Once the desktop client (Manaher.sh) started to use the required Java 11 the application fails to respond on time with reported launch times of up to 10 minutes.

Once the application is launched the UI becomes very unresponsive to the point of making it unusable

 

Sample user launch command


javaInstallation/jdk-11.0.12/bin/java -Xmx1024M -Xss1024k -server -Dcom.l7tech.proxy.listener.maxthreads=300 -Dsun.net.inetaddr.ttl=10 -Dnetworkaddress.cache.ttl=10 -Dfile.encoding=UTF-8 -Duser.language=en -Duser.country=US --add-opens=java.base/sun.security.jca=ALL-UNNAMED --add-opens=jdk.crypto.ec/sun.security.ec=ALL-UNNAMED -Dprism.verbose=true -jar Manager.jar

Sample User Machine Details

Linux user-machine 5.4.0-77-generic #86-Ubuntu SMP Thu Jun 17 02:35:03 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

 

    description: Notebook
    product: HP ZBook 14u G6 (4YP08AV)
    vendor: HP
    width: 64 bits
    capabilities: smbios-3.1.0 dmi-3.1.0 smp vsyscall32

  *-core
       description: Motherboard
       product: 8549
       vendor: HP
       physical id: 0
       version: KBC Version 52.5F.00
     *-memory
          description: System Memory
          physical id: 7
          slot: System board or motherboard
          size: 32GiB

     *-cpu
          description: CPU
          product: Intel(R) Core(TM) i7-8565U CPU @ 1.80GHz
          vendor: Intel Corp.
          physical id: 15
          bus info: cpu@0
          version: Intel(R) Core(TM) i7-8565U CPU @ 1.80GHz
          serial: To Be Filled By O.E.M.
          slot: U3E1
          size: 1948MHz
          capacity: 4600MHz
          width: 64 bits
          clock: 100MHz

Environment

Release :

Component :

Cause

The random number generation delays the JVM.

/dev/random is the default generator for SUN's JVM, it can potentially block the Policy Manager process because on some operating systems /dev/random waits for a certain amount of "noise" to be generated on the host machine before returning a result. 

 

To test it,

time head -n1 /dev/random

 

If the command does not return immediately, use /dev/urandom instead

Resolution

Edit the javainstallfolder/conf/security/java.security,

change,

securerandom.source=file:/dev/random

to,

securerandom.source=file:/dev/urandom

Powered by Wolken Software