The Endpoint server's aggregator service fails to start and you are unable to build agent packages.
In the endpoint server aggregator log we see the following error:
Class: com.vontu.aggregator.Aggregator
Method: main
Level: SEVERE
Message: Aggregator failed to start.
com.vontu.util.ProtectRuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:83)
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:53)
at com.vontu.aggregator.Aggregator.initializeAggregator(Aggregator.java:310)
at com.vontu.aggregator.Aggregator.main(Aggregator.java:228)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:792)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:57)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:71)
at java.security.KeyStore.load(KeyStore.java:1445)
at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:59)
at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:50)
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:78)
... 3 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:790)
... 10 more
In the Enforce localhost log, after trying to create an agent package we see the following error:
Level: SEVERE
Source: com.vontu.manager.spring.web.ManagerHandlerExceptionResolver
Message: Unexpected exception while processing request:
Cause:
java.lang.IllegalStateException: argument type mismatch
Controller [com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController]
Method [public org.springframework.web.servlet.ModelAndView com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController.createPackage(java.util.Locale,java.lang.String,com.vontu.manager.admin.endpoint.agentpackage.AgentPackageData,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,java.lang.String[],int[],org.springframework.validation.BindingResult,com.vontu.manager.ui.messagehandler.WebMessageHandler,org.springframework.web.servlet.mvc.support.RedirectAttributes,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) throws com.vontu.manager.security.csrf.CsrfProtectionTokenInvalidException] with argument values:
Release : 16.0
This is caused by a password mismatch in the database and the "DLP_Default_Truststore.jks" file. There are two possible solutions.
Remove and readd the detection server to the enforce console
rename the DLP_Default_truststore.jks to DLP_Default_Truststore.bak and restart the DLP services. This truststore should be recreated on service startup if its missing and should fix the errors. The endpoint servers will also need to be restarted after the new truststore has been created.