Autosys WebUI failed: Keystore was tampered with, or password was incorrect
Article ID: 233424
Updated On:
Products
Issue/Introduction
Autosys WebUI does not start after renewing the SSL certificates.
CA-wcc.log under $CA_WCC_INSTALL_LOCATION/log/CA-wcc.log contains the following exception -
INFO | jvm 1 | 2022/01/31 02:54:58 | 3 | Jan 31, 2022 2:54:58 AM org.apache.coyote.AbstractProtocol init
INFO | jvm 1 | 2022/01/31 02:54:58 | 3 | INFO: Initializing ProtocolHandler ["https-jsse-nio-8443"]
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | Jan 31, 2022 2:54:58 AM org.apache.catalina.util.LifecycleBase handleSubClassException
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | SEVERE: Failed to initialize component [Connector[HTTP/1.1-8443]]
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | org.apache.catalina.LifecycleException: Protocol handler initialization failed
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.connector.Connector.initInternal(Connector.java:1013)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.core.StandardService.initInternal(StandardService.java:533)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1057)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.startup.Catalina.load(Catalina.java:584)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.startup.Catalina.load(Catalina.java:607)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at java.lang.reflect.Method.invoke(Method.java:498)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:303)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at java.lang.reflect.Method.invoke(Method.java:498)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.tanukisoftware.wrapper.WrapperStartStopApp.run(WrapperStartStopApp.java:429)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at java.lang.Thread.run(Thread.java:821)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | Caused by: java.lang.IllegalArgumentException: Keystore was tampered with, or password was incorrect
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:217)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1154)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010)
INFO | jvm 1 | 2022/01/31 02:54:58 | 4 | ... 19 more
Environment
Release : 12.0
Component :
Cause
Incorrect SSL certificate Keystore related properties were configured in the Autosys WebUI (tomcat's server.xml file)
Resolution
1. Stop WebUI services (CA-wcc and CA-wcc-services)
2. Take a backup of Autosys WebUI's server.xml file ($CA_WCC_INSTALL_LOCATION/tomcat/conf/server.xml)
3. Edit Autosys WebUI's server.xml file ($CA_WCC_INSTALL_LOCATION/tomcat/conf/server.xml)
4. Verify the SSL certificate related configuration properties under tag: <Connector..../>
Certificate Name in the keyAlias -
keyAlias="tomcat"
KeystoreFile Path -
keystoreFile="/opt/CA/WorkloadAutomationAE/wcc/data/config/.keystore"
Keystore Password -
keystorePass="changeit"
5. The aforementioned values for the properties are the defaults. These have to be updated according to the SSL certificates in the keystore that is being used.
6. Save the file and Restart the WCC services.
Additional Information
https://techdocs.broadcom.com/us/en/ca-enterprise-software/intelligent-automation/autosys-workload-automation/12-0-01/administrating/ca-wcc-administration/customize-secure-access-to-ca-wcc.html
Feedback
