Endpoint detection server Aggregator service fails to start due to 'Keystore was tampered with, or password was incorrect'
Article ID: 258435
Updated On:
Products
Data Loss Prevention Enterprise Suite
Data Loss Prevention Enforce
Data Loss Prevention Endpoint Prevent
Data Loss Prevention Endpoint Suite
Data Loss Prevention
Issue/Introduction
The Endpoint server's aggregator service fails to start, and you are unable to build agent packages.
In the endpoint server aggregator log we see the following error:
Class: com.vontu.aggregator.Aggregator
Method: main
Level: SEVERE
Message: Aggregator failed to start.
com.vontu.util.ProtectRuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:83)
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:53)
at com.vontu.aggregator.Aggregator.initializeAggregator(Aggregator.java:310)
at com.vontu.aggregator.Aggregator.main(Aggregator.java:228)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:792)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:57)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:71)
at java.security.KeyStore.load(KeyStore.java:1445)
at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:59)
at com.symantec.dlp.util.keystore.KeystoreEntry.<init>(KeystoreEntry.java:50)
at com.vontu.aggregator.EndpointCommLayerSettingsFromEnforceBasicSettings.<init>(EndpointCommLayerSettingsFromEnforceBasicSettings.java:78)
... 3 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:790)
... 10 moreIn the Enforce localhost log, after trying to create an agent package we see the following error:
Level: SEVERE
Source: com.vontu.manager.spring.web.ManagerHandlerExceptionResolver
Message: Unexpected exception while processing request:
Cause:
java.lang.IllegalStateException: argument type mismatch
Controller [com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController]
Method [public org.springframework.web.servlet.ModelAndView com.vontu.manager.admin.endpoint.agentpackage.AgentPackageController.createPackage(java.util.Locale,java.lang.String,com.vontu.manager.admin.endpoint.agentpackage.AgentPackageData,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,org.springframework.web.multipart.MultipartFile,java.lang.String[],int[],org.springframework.validation.BindingResult,com.vontu.manager.ui.messagehandler.WebMessageHandler,org.springframework.web.servlet.mvc.support.RedirectAttributes,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) throws com.vontu.manager.security.csrf.CsrfProtectionTokenInvalidException] with argument values:Environment
Release: 16.0
Resolution
This is caused by a password mismatch in the database and the "DLP_Default_Truststore.jks" file. There are two possible solutions.
- Remove and re-add the detection server to the Enforce console.
OR
- On the Enforce server, rename the DLP_Default_truststore.jks to DLP_Default_Truststore.bak and restart the Detection Server Controller Service. This trust store would be recreated on service startup if it's missing and should fix the errors.
Trust store locations
Windows:
X:\ProgramData\Symantec\DataLossPrevention\EnforceServer\16.0.00000\keystore
Linux:
/var/Symantec/DataLossPrevention/EnforceServer/16.0.00000/keystore
Feedback
Yes
No
Powered by
