1. The Identity Service is throwing an error.
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tokenSupport': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Failed to load per-partition Certificates (KeyPair) at startup!
2. Creation of admin user failed, can verify the same by executing the below command:
/opt/symantec/icdx/id_epmp_dx-<version>/idusers.sh list (This command should return empty response)
3. idusers.sh tool throw error while creating admin user
sudo -E -u icdx /opt/symantec/icdx/id_epmp_dx-<version>/idusers.sh admin admin
Exception in thread "main" java.lang.reflect.InvocationTargetException
---
Caused by: java.security.NoSuchAlgorithmException: PBKDF2WithHmacSHA256 SecretKeyFactory not available
at javax.crypto.SecretKeyFactory.<init>(SecretKeyFactory.java:122)
1. Stop launcher_dx service If it's in running state : systemctl stop launcher_dx
2. Edit the java.security file
vi /etc/java/java-<version>/java-<version>/lib/security/java.security
Comment out security.useSystemPropertiesFile=true
add security.disableSystemPropertiesFile=true
# Determines whether this properties file will be appended to
# using the system properties file stored at
# /etc/crypto-policies/back-ends/java.config
#
# security.useSystemPropertiesFile=true
security.disableSystemPropertiesFile=true
3. Edit the idusers.sh file (opt/symantec/icdx/id_epmp_dx-<version>/idusers.sh)
vi /opt/symantec/icdx/id_epmp_dx-<version>/idusers.sh
Add -Djava.security.disableSystemPropertiesFile=true
Ex:java -Djava.security.disableSystemPropertiesFile=true -Dlogback.configurationFile=logback-idusers.xml -Dloader.main=com.symantec.platform.identity.builtin.BuiltinMain -jar lib/id_epmp_i-1.4.79.jar "$@"
4. Create admin user by executing the following command :
sudo -E -u icdx /opt/symantec/icdx/id_epmp_dx-<version>/idusers.sh admin admin
*this example creates the user 'admin' with a password of 'admin' (create whatever you would like)
Ex:[root@localhost ~]#sudo -E -u icdx /opt/symantec/icdx/id_epmp_dx-1.6.128-45/idusers.sh admin admin
Created user admin
5. Start launcher_dx service: systemctl start launcher_dx
Verify Identity service logs, it should start without any error/exception
Ex:
2024-05-24 12:20:55,678 [main] INFOc.s.platform.identity.IdentityServiceMain - Identity Service startup completed; using local port 8035
2024-05-24 12:20:55,678 [main] INFOlifecycle - Identity Service startup completed; using local port 8035
2024-05-24 12:20:55,700 [main] INFOc.s.platform.identity.IdentityServiceMain - Started IdentityServiceMain in 12.132 seconds (JVM running for 13.99)
6. Reboot the vm
7.Login to the ICDx UI and confirm you can add collectors and forwarders.