search cancel

Unable to import Certificate on AdminUI

book

Article ID: 229835

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

2021-11-19 12:57:55,295 [ERROR] com.ca.federation.adminui.backingbean.keystore.KeyStoreImportBean [] - **ERROR** during UI operation: System error trying to complete import:One or more exceptions trying to commit keystore changes. Please consult the logs.

Environment

Release : 12.8sp1

Component : SITEMINDER -POLICY SERVER

Cause

Customer noticed error in their Policy Store (IBM Directory Server 6.4) in the ibmsldap.log
where the length of the XPSPROPERTY is over assigned.

 

 

Resolution

 

2021-11-30 13:52:33,426 [ERROR] com.ca.siteminder.rpc.rpc.ClientDispatcher [] - fault ServerException([sm-xpsxps-01080] : Error occurred during "Add" for "xpsNumber=1003961883,ou=XPS,ou=policysvr4,ou=siteminder,ou=netegrity,dc=siteminder", text: Object class violation : ) object.create 'Certificate'

2021-11-30 13:52:33,428 [ERROR] com.ca.fedpki.api.remote.FedPkiKeyStore [] - **ERROR** java.io.IOException commiting keystore change for alias sit-intlagsps.us.

java.io.IOException: Exception occurred while adding a certificate to the Certificate Data Store. Exception Message: Failed creating object of class Certificate.

 

At the same time we saw an error in ibmsldap.log pointing the length of the XPSPROPERTY is over assigned.

 

2021-11-30T13:52:33.415294-5:00 GLPRDB069E Attribute XPSPROPERTY has a maximum value length of 240. Current attribute value is of length 2011.

 

By increasing the value to a higher number “4000”, resolved the issue.