Error: "The certificate authority keystore is missing or corrupt" when attempting to add a Detection Server to a new Enforce Server

Article ID: 371070

Products

Data Loss Prevention Core Package, Data Loss Prevention, Data Loss Prevention Enforce

Issue/Introduction

When attempting to add an Endpoint server to a new Enforce server, you get a red banner with these errors:
"The certificate authority keystore is missing or corrupt. Please repair the keystore for success."
"Failed to contact the server controller. Make sure Symantec DLP Detection Server Controller service is running."

Attempts to set the password for certificate_authority_v1.jks using the Enforce console (System > Settings > General > Configure > Change Endpoint and Network Discover Communications Keystore Password) fail with a red banner saying:

"An unexpected error has occurred. This could be due to one of the following: 1) Your session timed out and you selected a link that was no longer valid, 2) You used the browser back or forward button placing the system into an inconsistent state, or 3) The system experienced a temporary problem." 

Attempts to recreate the keystore by removing it and rebooting do not resolve this issue.

Environment

New install of 16.0.2 Enforce on a RHEL 8.x system in a two-tier configuration.
Oracle 19c Enterprise.

Cause

The keystore was corrupted during the install.
The reason is unknown.

Resolution

  1. Uninstalled Enforce.
  2. Rebooted the Enforce host server.
  3. Reinstalled Enforce and chose to initialize the database during the reinstall.

 

After the reinstall of Enforce was complete, the Detection Servers were successfully added to the console.
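
To confirm on disk whether a keystore such as certificate_authority_v1.jks is actually missing or corrupt, before or after the reinstall, a read-only check like the following can be used. It is an added example, not code from this article or from the product. It assumes the file uses the standard Java JKS layout (the article gives only the .jks file name), and the function names and the operator-supplied path are hypothetical.

```python
import getpass
import hashlib
import struct
import sys
from pathlib import Path

JKS_MAGIC = 0xFEEDFEED      # header magic of the Java JKS format
JCEKS_MAGIC = 0xCECECECE    # header magic of the JCEKS format
SALT = b"Mighty Aphrodite"  # fixed string mixed into the JKS integrity digest


def jks_digest(password: str, body: bytes) -> bytes:
    """SHA-1 over UTF-16BE password + fixed salt + keystore body."""
    return hashlib.sha1(password.encode("utf-16-be") + SALT + body).digest()


def check_keystore(path, password=None) -> str:
    """Classify a keystore file without modifying it (hypothetical helper)."""
    p = Path(path)
    if not p.is_file():
        return "missing"
    data = p.read_bytes()
    if not data:
        return "empty"
    if data[0] == 0x30:
        return "pkcs12-like"  # ASN.1 SEQUENCE: not JKS, check it with keytool
    if len(data) < 12 + 20:
        return "truncated"    # shorter than header plus trailing digest
    magic, version, count = struct.unpack(">III", data[:12])
    if magic == JCEKS_MAGIC:
        return "jceks"
    if magic != JKS_MAGIC or version not in (1, 2):
        return "bad-header"
    if password is None:
        return f"jks-header-ok entries={count}"
    if jks_digest(password, data[:-20]) != data[-20:]:
        return "digest-mismatch"  # corrupt content or wrong password
    return f"jks-ok entries={count}"


def build_empty_jks(password: str) -> bytes:
    """Constructed sample: a valid JKS v2 keystore holding zero entries."""
    body = struct.pack(">III", JKS_MAGIC, 2, 0)
    return body + jks_digest(password, body)


if __name__ == "__main__":
    pw = getpass.getpass("Keystore password (blank to skip): ") or None
    print(check_keystore(sys.argv[1], pw))
```

A `digest-mismatch` result cannot distinguish a damaged file from a wrong password, so confirm the password before treating the keystore as corrupt.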