Application Server Agent 12.0 SP2 for Websphere doesn't start after installing fixpack 21 for Websphere 8.5
search cancel

Application Server Agent 12.0 SP2 for Websphere doesn't start after installing fixpack 21 for Websphere 8.5

book

Article ID: 242348

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder)

Issue/Introduction

Post installation of fixpack 21 of WebSphere 8.5 customer is getting below error during the ASA (ver 12.0 SP2) startup:

[5/10/22 15:42:38:799 CEST] 00000001 TrustAssociat E   SECJ0384E: Trust Association Init Error. The Trust Association interceptor implementation com.netegrity.siteminder.websphere.auth.SmTrustAssociationInterceptor initialization failed. The error status/exception is java.lang.ExceptionInInitializerError

    at java.lang.J9VMInternals.ensureError(J9VMInternals.java:145)

        at java.lang.J9VMInternals.recordInitializationFailure(J9VMInternals.java:134)

        at com.ca.siteminder.sdk.agentapi.ff.a(DashoA10*..)

        at netegrity.siteminder.javaagent.di.a(DashoA10*..)

        at netegrity.siteminder.javaagent.di.a(DashoA10*..)

        at com.netegrity.siteminder.agentcommon.framework.eq.a(DashoA10*..)

        at com.netegrity.siteminder.agentcommon.framework.cw.c(DashoA10*..)

        at com.netegrity.siteminder.agentcommon.framework.cw.a(DashoA10*..)

        at com.netegrity.siteminder.agentcommon.framework.g.a(DashoA10*..)

        at com.netegrity.siteminder.asaframework.common.d.<init>(DashoA10*..)

        at com.netegrity.siteminder.websphere.auth.SmTrustAssociationInterceptor.initialize(DashoA10*..)

        at com.ibm.ws.security.web.TrustAssociationManager.loadInterceptor(TrustAssociationManager.java:497)

        at com.ibm.ws.security.web.TrustAssociationManager.initialize(TrustAssociationManager.java:386)

        at com.ibm.ws.security.web.TrustAssociationManager.<init>(TrustAssociationManager.java:142)

        at com.ibm.ws.security.web.TrustAssociationManager.getInstance(TrustAssociationManager.java:115)

        at com.ibm.ws.security.core.distSecurityComponentImpl.initializeSSOTAI(distSecurityComponentImpl.java:1084)

        at com.ibm.ws.security.core.distSecurityComponentImpl.initialize(distSecurityComponentImpl.java:400)

        at com.ibm.ws.security.core.SecurityComponentImpl.initialize(SecurityComponentImpl.java:94)

        at com.ibm.ws.runtime.component.ContainerHelper.initWsComponent(ContainerHelper.java:1193)

        at com.ibm.ws.runtime.component.ContainerHelper.initializeComponent(ContainerHelper.java:1100)

        at com.ibm.ws.runtime.component.ContainerHelper.initializeComponents(ContainerHelper.java:902)

        at com.ibm.ws.runtime.component.ContainerImpl.initializeComponents(ContainerImpl.java:776)

        at com.ibm.ws.runtime.component.ContainerImpl.initializeComponents(ContainerImpl.java:750)

        at com.ibm.ws.runtime.component.ServerImpl.initialize(ServerImpl.java:370)

        at com.ibm.ws.runtime.WsServerImpl.bootServerContainer(WsServerImpl.java:307)

        at com.ibm.ws.runtime.WsServerImpl.start(WsServerImpl.java:238)

        at com.ibm.ws.runtime.WsServerImpl.main(WsServerImpl.java:711)

        at com.ibm.ws.runtime.WsServer.main(WsServer.java:59)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)

        at java.lang.reflect.Method.invoke(Method.java:508)

        at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:234)

        at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:96)

        at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:77)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)

        at java.lang.reflect.Method.invoke(Method.java:508)

        at org.eclipse.equinox.internal.app.EclipseAppContainer.callMethodWithException(EclipseAppContainer.java:587)

        at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:198)

        at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110)

        at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79)

        at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)

        at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)

        at java.lang.reflect.Method.invoke(Method.java:508)

        at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)

        at org.eclipse.core.launcher.Main.basicRun(Main.java:282)

        at org.eclipse.core.launcher.Main.run(Main.java:981)

        at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:425)

        at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:178)

Caused by: java.lang.SecurityException: JCE cannot authenticate the provider JsafeJCE

        at javax.crypto.Cipher.getInstance(Unknown Source)

        at com.ca.siteminder.sdk.agentapi.crypto.ew.f(DashoA10*..)

        at com.ca.siteminder.sdk.agentapi.crypto.ey.<init>(DashoA10*..)

        at com.ca.siteminder.sdk.agentapi.crypto.ew.a(DashoA10*..)
        at com.ca.siteminder.sdk.agentapi.connection.fp.<clinit>(DashoA10*..)
        ... 52 more
Caused by: java.util.jar.JarException: file:/opt/IBM/WebSphere/AppServer/java/jre/lib/ext/sm_cryptoj.jar is not signed by a trusted signer.
        at javax.crypto.a.a(Unknown Source)
        at javax.crypto.a.a(Unknown Source)
        at javax.crypto.a.a(Unknown Source)
        at javax.crypto.b.b(Unknown Source)
        at javax.crypto.b.a(Unknown Source)
        ... 57 more
. If you receive this error message in association with a trust association interceptor that you are not using, you can ignore this message.
[5/10/22 15:42:38:805 CEST] 00000001 distSecurityC I   SECJ0240I: Security service initialization completed successfully
 
the JRE version is:
java version "1.8.0_311"
Java(TM) SE Runtime Environment (build 8.0.7.0 - pxa6480sr7-20211025_01(SR7))
IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64-Bit Compressed References 20211022_15212 (JIT enabled, AOT enabled)
OpenJ9   - 6abb372
OMR      - b898db9
IBM      - 2f2c48b)
JCL - 20210930_01 based on Oracle jdk8u311-b11

Environment

Release : 12 SP2

Component : Application Server Agents for WebSphere  

Resolution

This is known issue and an announcement has been published either to roll back the updates or upgrade the ASA agent to R12.8.  

https://community.broadcom.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=fa2b34bb-b160-b145-b0b4-a71a2d674ca3&forceDialog=0

Please refer the PSM's for your reference R12.8 ASA PSM for compatibility of WAS versions.

Customer either has to rollback the changes made to make it working as earlier or they have to upgrade the ASA agent to R12.8 version to fix this issue.

Powered by Wolken Software