Upgrading AdoptOpenJDK causes Access Gateway (SPS) to not start
search cancel

Upgrading AdoptOpenJDK causes Access Gateway (SPS) to not start

book

Article ID: 264451

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

Customer has upgraded the JDK used by Access Gateway (Secure Proxy Server) from JDK 8 to JDK 11 (AdoptOpenJDK).  The appropriate update was made to the SmSpsProxyEngine.properties file, however, Tomcat will not start properly when the Access Gateway services are started.  The Windows services show that the Access Gateway services are started but there are no log files created except the nohup.log which shows the following entry:

-Djava.endorsed.dirs=D:\CA\secure-proxy\Tomcat\endorsed is not supported. Endorsed standards and standalone APIs
in modular form will be supported via the concept of upgradeable modules.
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.

The Event Viewer has no warnings/errors that point to the cause.

Environment

Release : 12.8.07

Windows and Linux

Cause

Access Gateway install using 1.7 or 1.8 and on updating the JDK 11 / JDK 17 versions are not endorsed, Hence Access Gateway services (Tomcat component) doesn't start.

 

 

Resolution

There are two workarounds available.

1. Reinstalling the Access Gateway pointing to JDK 11 or JDK 17 will create new SmSpsProxyEngine.properties file for windows and proxyserver.sh new file will be created for linux resolved the issue.

2.

-> For windows Access gateway comment out Tomcat endosed in the file SmSpsProxyEngine.properties

-> For Linux Access Gateway Update the below parameters in the proxyserver.sh

SM_PROXY_CP=${TOMCAT_HOME}/bin/proxybootstrap.jar:${TOMCAT_HOME}/properties:${NETE_SPS_ROOT}/resources:${TOMCAT_HOME}/bin/bootstrap.jar:${TOMCAT_HOME}/endorsed/
jakarta.xml.bind-api.jar:${TOMCAT_HOME}/endorsed/jsr105-api-1.0.1.jar:${TOMCAT_HOME}/endorsed/jakarta.xml.ws-api-2.3.2.jar:${TOMCAT_HOME}/endorsed/stax-ex.jar:$
{TOMCAT_HOME}/endorsed/jakarta.activation-api.jar:${TOMCAT_HOME}/lib/smi18n.jar:${NETE_SPS_ROOT}/agentframework/java/bc-fips-1.0.2.3.jar

 

SPS_TOMCAT_OPTS="-Dcatalina.base=${TOMCAT_HOME} -Dcatalina.home=${TOMCAT_HOME} -Djava.io.tmpdir=${TOMCAT_HOME}/temp -DHTTPClient.log.mask=0 -DHTTPClient.Modules
=HTTPClient.RetryModule|org.tigris.noodle.NoodleCookieModule|HTTPClient.DefaultModule -Dlogger.properties=${TOMCAT_HOME}/properties/logger.properties  $STS_AGEN
T_LOG_CONFIG_FILE -Dfile.encoding=UTF8 -DIWACONFIGHOME=$IWACONFIGHOME_STS"

 

Powered by Wolken Software