Server status shows as unknown for Endpoint Prevent server
search cancel

Server status shows as unknown for Endpoint Prevent server

book

Article ID: 242514

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

In the last 30 days, it does not show information on Endpoint Incidents, it shows a No Data to Display alert.

Endpoint Detection Server appears to be under an unknown state/status.

 

Cause

DetectionServerControllerService log shows failed attempt to create a keytool command umpon receiving a confirmed connection.  You can also see this in MonitorController0.log on Enforce.

com.vontu.communication.dataflow.TransportManager connectionUp
INFO: Connection up for address: detectionserver
com.vontu.monitor.controller.activemonitor.ActiveMonitorSubsystem$UpdateMonitorVersion run
SEVERE: UpdateMonitorVersion caught exception.
com.vontu.util.ProtectRuntimeException: com.vontu.enforce.domainlayer.certificate.CertificateException: com.vontu.communication.transport.exception.CertificateException: Error generating server keystore Exception on execution of command 
 at com.vontu.monitor.controller.informationmonitor.mapper.MonitorChannelKeystoreUpdater.generateKeyAndTrustStoreAndAddData(MonitorChannelKeystoreUpdater.java:165)
 at com.vontu.monitor.controller.informationmonitor.mapper.MonitorChannelKeystoreUpdater.updateKeyAndTrustStoreData(MonitorChannelKeystoreUpdater.java:110)
 at com.vontu.monitor.controller.informationmonitor.mapper.MonitorChannelKeystoreUpdater.getMonitorChannelKeystoreConfig(MonitorChannelKeystoreUpdater.java:77)
 at com.vontu.monitor.controller.informationmonitor.mapper.EndpointChannelMapper.convert(EndpointChannelMapper.java:61)
 at com.vontu.monitor.controller.informationmonitor.mapper.EndpointChannelMapper.convert(EndpointChannelMapper.java:32)
 at com.vontu.monitor.controller.informationmonitor.mapper.InformationMonitorMapper.convertAndAdd(InformationMonitorMapper.java:107)
 at com.vontu.monitor.controller.informationmonitor.mapper.InformationMonitorMapper.convert(InformationMonitorMapper.java:97)
 at com.vontu.monitor.controller.informationmonitor.mapper.InformationMonitorMapper.convert(InformationMonitorMapper.java:37)
 at com.vontu.util.collection.ConvertingIterator.next(ConvertingIterator.java:45)
 at com.vontu.monitor.communication.configset.dataflow.ReconcilingConfigStore.sendLoadInstruction(ReconcilingConfigStore.java:124)
 at com.vontu.monitor.communication.configset.dataflow.ReconcilingConfigStore.load(ReconcilingConfigStore.java:116)
 at com.vontu.monitor.controller.informationmonitor.InformationMonitorSubsystem.monitorAdded(InformationMonitorSubsystem.java:111)
 at com.vontu.monitor.controller.activemonitor.ValidatingMonitorConfigsObserverAdapter.itemAdded(ValidatingMonitorConfigsObserverAdapter.java:54)
 at com.vontu.monitor.controller.activemonitor.ValidatingMonitorConfigsObserverAdapter.itemAdded(ValidatingMonitorConfigsObserverAdapter.java:31)
 at com.vontu.monitor.communication.configset.BasicConfigSourceObserver.handleConfigSourceUpdate(BasicConfigSourceObserver.java:41)
 at com.vontu.monitor.communication.configset.BasicConfigSourceObserver.configSourceChanged(BasicConfigSourceObserver.java:33)
 at com.vontu.monitor.controller.OrderedConfigSourceObserver.applyChange(OrderedConfigSourceObserver.java:81)
 at com.vontu.monitor.controller.OrderedConfigSourceObserver.configSourceChanged(OrderedConfigSourceObserver.java:72)
 at com.vontu.monitor.communication.configset.local.LocalConfigStore.notifyOfChange(LocalConfigStore.java:156)
 at com.vontu.monitor.communication.configset.local.LocalConfigStore.put(LocalConfigStore.java:86)
 at com.vontu.monitor.controller.activemonitor.ActiveMonitorSet.updateMonitorVersion(ActiveMonitorSet.java:103)
 at com.vontu.monitor.controller.activemonitor.ActiveMonitorSubsystem$UpdateMonitorVersion.run(ActiveMonitorSubsystem.java:163)
 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
 at java.lang.Thread.run(Thread.java:748)
Caused by: com.vontu.enforce.domainlayer.certificate.CertificateException: com.vontu.communication.transport.exception.CertificateException: Error generating server keystore Exception on execution of command 
 at com.vontu.enforce.domainlayer.certificate.CertificateService.addKeystoreForServer(CertificateService.java:535)
 at com.vontu.enforce.domainlayer.certificate.CertificateService.addKeyAndTrustStoreForServer(CertificateService.java:431)
 at com.vontu.enforce.domainlayer.certificate.CertificateService$$FastClassBySpringCGLIB$$d55a2a27.invoke(<generated>)
 at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
 at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746)
 at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
 at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:294)
 at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
 at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)
 at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)
 at com.vontu.enforce.domainlayer.certificate.CertificateService$$EnhancerBySpringCGLIB$$9573c28d.addKeyAndTrustStoreForServer(<generated>)
 at com.vontu.monitor.controller.informationmonitor.mapper.MonitorChannelKeystoreUpdater.generateKeyAndTrustStoreAndAddData(MonitorChannelKeystoreUpdater.java:147)
 ... 24 more
Caused by: com.vontu.communication.transport.exception.CertificateException: Error generating server keystore Exception on execution of command 
 at com.vontu.communication.transport.CertificateGenerator.generateServerKeystore(CertificateGenerator.java:176)
 at com.vontu.enforce.domainlayer.certificate.CertificateService.addKeystoreForServer(CertificateService.java:501)
 ... 35 more
Caused by: com.vontu.communication.transport.exception.CertificateException: Exception on execution of command 
 at com.vontu.communication.transport.keytool.KeytoolCommand.runKeytool(KeytoolCommand.java:65)
 at com.vontu.communication.transport.keytool.KeyPairGenerator.generateKeyPair(KeyPairGenerator.java:118)
 at com.vontu.communication.transport.keytool.KeyPairGenerator.generateKeyPair(KeyPairGenerator.java:44)
 at com.vontu.communication.transport.CertificateGenerator.generateServerKeystore(CertificateGenerator.java:125)
 ... 36 more
Caused by: java.io.IOException: Cannot run program "C:\Program Files\Symantec\DataLossPrevention\ServerJRE\1.8.0_202\bin\keytool": CreateProcess error=193, %1 is not a valid Win32 application
 at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
 at com.vontu.communication.transport.keytool.KeytoolCommand.runKeytool(KeytoolCommand.java:51)
 ... 39 more
Caused by: java.io.IOException: CreateProcess error=193, %1 is not a valid Win32 application
 at java.lang.ProcessImpl.create(Native Method)
 at java.lang.ProcessImpl.<init>(ProcessImpl.java:386)
 at java.lang.ProcessImpl.start(ProcessImpl.java:137)
 at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
 ... 40 more

Resolution

A keytool file was found within the java_home\bin directory. This file was 0 bytes.

An additional keytool file was found, with an extension, that had more than 0 bytes.

The solution was to remove the 0 byte keytool file from the java_home\bin directory and restart DLP services.

Powered by Wolken Software