Attempt to regenerate self-signed certs may result in to failure reporting following error.
[dsa@hostname ~]$ dxcertgen certs
Setting root certificate and public/private keys for signing...
! Exporting certificate 'dxcertgen' from /opt/CA/Directory/dxserver/config/ssld/javakeystores/cacerts...
! alias 'dxcertgen' not found
Generating public and private key pair...
! Generating key pair for 'dxcertgen' in /opt/CA/Directory/dxserver/config/ssld/javakeystores/cacerts...
Error: keytool error: java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SESSION_READ_ONLY
Error: keytoolGenerateKeyPair() failed
Error: generateKeyPair() failed
Error: setRootCertAndKeyPair() failed
Segmentation fault (core dumped)
[dsa@hostname ~]$
Release : 14.1
Component : CA Directory
This could be related to you having JAVA_HOME set for 'dsa' user.
e.g. As a 'dsa' user, execute 'env' command from system prompt and you will see something like the below in the output:
JAVA_HOME=/usr/lib/jvm/java-1.8.0
Solution would be to:
** Temporarily unset this JAVA_HOME variable for 'dsa' user account.
** Re-run 'dxcertgen certs' command
** After successful execution, you can reintroduce JAVA_HOME back in the environment.