CA WA System Agent service will not stay up. Error: Exception in thread "MainThread" cybermation.agent.CybAgentDriver$CybAgentInstantiationError: java.lang.IllegalStateException: Unable to read raw key


Article ID: 36938


Updated On:


CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent CA Workload Automation Agents DSERIES- SERVER CA Workload Automation DE - System Agent (dSeries)


CA Workload Automation System Agent service fails to start. The nohup.stderr in agent installation directory and defaultlog_agent.log file in agent's log directory reveal the following Java exception:

main.MainThread.CybTcpipControllerPlugin.initialize[:274] - Receiver/Transmitter initializing...


main.MainThread.CybTcpipControllerPlugin.initialize[:312] - Unable to read raw key material




                                                                               at cybermation.commplugins.tcpip.protocol.CybAgentKeyObtainer.initialize(






                                                                             Caused by: cryptkey.txt (No such file or directory)


                                                                               at Source)


                                                                               at<init>(Unknown Source)


                                                                               at<init>(Unknown Source)







By default, the encryption key is stored in the cryptkey.txt file, which is located in the agent installation directory. The aforementioned java exception happens when, either the cryptkey.txt file is missing in the agent installation directory or the security.cyrptkey parameter in the agentparm.txt file is set to an invalid path for the cryptkey.txt file.


CA Workload Automation Agent on Windows, UNIX/Linux systems.


  1. If you are using the default agent encryption key (specified during the installation) and the cryptkey.txt file is missing in the agent installation directory, then you may copy it from another working CA WA Agent host.


  1. If you are using a non-default agent encryption key, and the cryptkey.txt file is missing, then you may generate the cryptkey.txt file using the keygen utility that is provided with the agent. Please refer to the following URL on keygen utility usage:

Set the Encryption on the Agent Using the Keygen Utility

  1. When a non-default agent encryption key is used, remember to update the agent's key in the Scheduling Manager. In case of CA Workload Automation DE, the Agent Definition "Encryption key used from server to agent" needs to be updated in Topology. If the Manager is CA Workload Automation AE, then key_to_agent: and encryption_type: JIL attributes needs to be updated in the machine definition.