We just upgraded to 10.7. We are getting an error where IAM is up, but ED says that it cannot connect. Need help troubleshooting. Our entire environment is down..
Release : 10.7
Component : DevTest Identity Access Manager
iam.properties file was copied from 10.6 environment to 10.7.2 environment
iam.keystore=${IAM_HOME}../custom_certs/my.server.keystore.jks
iam.keystore.password=${VAULT::IAM::IAM_KEYSTORE_PASSWORD::1}
iam.truststore=${IAM_HOME}../custom_certs/my.server.truststore.jks
iam.truststore.password=${VAULT::IAM::IAM_TRUSTSTORE_PASSWORD::1}
The encryption on the passwords changed between 10.6 and 10.7.
As a result, we were seeing these errors in the logs
2022-06-28 10:16:13,153 WARN [org.wildfly.extension.elytron] (MSC service thread 1-7) WFLYELY00023: KeyStore file 'D:\apps\CA\DevTest10.7\IdentityAccessManager\standalone\configuration\application.keystore' does not exist. Used blank.
2022-06-28 10:16:13,153 WARN [org.wildfly.extension.elytron] (MSC service thread 1-8) WFLYELY01084: KeyStore D:\apps\CA\DevTest10.7\IdentityAccessManager\standalone\configuration\application.keystore not found, it will be auto generated on first use with a self-signed certificate for host localhost
2022-06-28 10:16:13,200 INFO [org.jboss.as.patching] (MSC service thread 1-7) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
2022-06-28 10:16:13,231 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service org.wildfly.core.management.security.realm.iamRealm.key-manager: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.iamRealm.key-manager:
Retype the cert passwords for Keystore and Trustore in iam.properties file
and
Cleared the browser cache.