WCC failed to start with an Unexpected error: java.security.InvalidAlgorithmParameterException
Article ID: 255394
Updated On: 09-12-2023
Products
Autosys Workload Automation
Issue/Introduction
The Autosys WebUI portal failed to launch after configuring the SSL certificates.
The WCC log file (%CA_WCC_INSTALL_LOCATION\CA-wcc.log) has the following exception(s) captured -
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | @asi <ForkJoinPool-9-worker-1> [] ERROR #SchedulerAgentsDAO # Exception writing Agents to database : Internal error parsing response from Scheduler Test
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | com.ca.workload.services.exceptions.WlaInternalServerErrorException: Internal error parsing response from Scheduler Test
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.cam.adapters.AEAdapter.getAgents(AEAdapter.java:159)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.cam.dao.SchedulerAgentsDAOImpl.retrieveSchedulerAgentsFromScheduler(SchedulerAgentsDAOImpl.java:107)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.cam.tasks.RefreshAgents.compute(RefreshAgents.java:54)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.util.concurrent.RecursiveAction.exec(RecursiveAction.java:189)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.util.concurrent.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1056)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1692)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:157)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | Caused by: com.ca.workload.services.exceptions.WlaHTTPSProtocolException: HTTP 400 Bad Request
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.config.CAMResponseLoader.getResponse(CAMResponseLoader.java:194)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.cam.adapters.AEAdapter.getAgents(AEAdapter.java:146)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | ... 7 more
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1886)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1402)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:347)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.internal.HttpUrlConnector._apply(HttpUrlConnector.java:399)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:285)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:252)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:684)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:681)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:444)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:681)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:411)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:311)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.config.CAMResponseLoader.getResponse(CAMResponseLoader.java:158)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | ... 8 more
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:91)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.validator.Validator.getInstance(Validator.java:181)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:312)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:171)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:184)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:105)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at com.ca.workload.services.config.CAMResponseLoader$TempTrustManager.checkServerTrusted(CAMResponseLoader.java:277)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1091)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | ... 28 more
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:89)
INFO | jvm 1 | 2022/12/02 10:39:43 | 501 | ... 42 more
INFO | jvm 1 | 2022/12/02 10:40:05 | 521 | Dec 02, 2022 10:40:05 AM org.owasp.csrfguard.log.JavaLogger log
INFO | jvm 1 | 2022/12/02 10:40:05 | 521 | INFO: CsrfGuard analyzing request /wcc/quickview/pages/main.jsf
Environment
Release : 11.3.6
Cause
The trustAnchors exception is a truststore exception and may appear due to -
Missing or invalid truststore location
Incorrect truststore password
Resolution
If the truststore/keystore certificate key name (default: tomcat) password (default: changeit) are non-default, you would repeatedly see this message in the log file %CA_WCC_INSTALL_LOCTION%\CA-wcc.log
Add an additional java environment-variable in the wrapper.conf file as following:
wrapper.java.additional.<number>=-Djavax.net.ssl.trustStorePassword=<keystorepassword>
wrapper.java.additional.15=-Djavax.net.ssl.trustStorePassword=P@55w0rD
Example:
To use ‘P@55w0rD’ as the new password for keystore:
Verify the trustStore location provided under existing wrapper.java.additional property.
wrapper.java.additional.<number>=-D"javax.net.ssl.trustStore=%CA_WCC_INSTALL_LOCATION%/data/config/.keystore"
Restart the WCC services
Feedback
Yes
No
Powered by
