Endpoint detection server Aggregator service fails to start due to 'Keystore was tampered with, or password was incorrect'
search cancel

Endpoint detection server Aggregator service fails to start due to 'Keystore was tampered with, or password was incorrect'

book

Article ID: 258435

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite

Issue/Introduction

The Endpoint server's aggregator service fails to start and you are unable to build agent packages. 

 

In the endpoint server aggregator log we see the following error:

 

Class: com.vontu.aggregator.Aggregator
Method: main
Level: SEVERE
Message:  Aggregator failed to start.
com.vontu.util.ProtectRuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
	at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:83)
	at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:53)
	at com.vontu.aggregator.Aggregator.initializeAggregator(Aggregator.java:310)
	at com.vontu.aggregator.Aggregator.main(Aggregator.java:228)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:792)
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:57)
	at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
	at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:71)
	at java.security.KeyStore.load(KeyStore.java:1445)
	at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:59)
	at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:50)
	at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:78)
	... 3 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:790)
	... 10 more

In the Enforce localhost log, after trying to create an agent package we see the following error:

Level: SEVERE
Source: com.vontu.manager.spring.web.ManagerHandlerExceptionResolver
Message: Unexpected exception while processing request:
Cause:
java.lang.IllegalStateException: argument type mismatch
Controller [com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController]
Method [public org.springframework.web.servlet.ModelAndView com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController.createPackage(java.util.Locale,java.lang.String,com.vontu.manager.admin.endpoint.agentpackage.AgentPackageData,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,java.lang.String[],int[],org.springframework.validation.BindingResult,com.vontu.manager.ui.messagehandler.WebMessageHandler,org.springframework.web.servlet.mvc.support.RedirectAttributes,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) throws com.vontu.manager.security.csrf.CsrfProtectionTokenInvalidException] with argument values:

Environment

Release : 16.0

Resolution

This is caused by a password mismatch in the database and the "DLP_Default_Truststore.jks" file.  There are two possible solutions.

 

Remove and readd the detection server to the enforce console

 

rename the DLP_Default_truststore.jks to DLP_Default_Truststore.bak and restart the DLP services.  This truststore should be recreated on service startup if its missing and should fix the errors.  The endpoint servers will also need to be restarted after the new truststore has been created.