Identity Manager startup fails with SecurityException: Toolkit not encapsulated by a jar
search cancel

Identity Manager startup fails with SecurityException: Toolkit not encapsulated by a jar

book

Article ID: 76478

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

After installing, or upgrading to, Identity Manager 14.1, the startup fails after Step 1 with the messages below:

11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) CA IAM Framework Server
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) Copyright 2000 - 2013 CA. All Rights Reserved
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) ################################################
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) # IAM Framework 400.1.0.0.369
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) ################################################
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) ################################################
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) # CA Identity Manager 14.1.0.0.347
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) ################################################
11:47:20,505 INFO [ims.Main] (ServerService Thread Pool -- 100) ---- CA IAM FW Startup Sequence Initiated. ----
11:47:20,521 INFO [ims.Main] (ServerService Thread Pool -- 100) * Startup Step 1 : Attempting to start ServiceLocator.
11:47:20,911 ERROR [ims.Main] (ServerService Thread Pool -- 100) The IAM FW Startup was not successful
11:47:20,927 ERROR [ims.Main] (ServerService Thread Pool -- 100) java.lang.SecurityException: Toolkit not encapsulated by a jar.
at com.rsa.cryptoj.f.ug.d(Unknown Source)
at com.rsa.cryptoj.f.ug.b(Unknown Source)
at com.rsa.cryptoj.f.nd.b(Unknown Source)
at com.rsa.cryptoj.f.nd.c(Unknown Source)
at com.rsa.jsafe.CryptoJ.setMode(Unknown Source)
at com.netegrity.ims.bootstrap.Main.start(Main.java:202)
at com.netegrity.webapp.SystemInitializer.contextInitialized(SystemInitializer.java:44)
at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3339)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:3780)
at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:163)
at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:61)
at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:96)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
at org.jboss.threads.JBossThread.run(JBossThread.java:122)

 

Environment

Identity Manager 14.1 (integrated with SSO/SiteMinder 12.7, 12.8)
JBoss

Cause

The failure is caused by a missing resource definition  in module.xml.
 

CryptoJFIPS.jar and its resource-root path is missing from <jboss>\modules\com\ca\iam\crypto\main

 

    <resources>

        <resource-root path="bc_001-fips-1.0.0.jar"/>

    <resource-root path="cryptojFIPS.jar"/>

</resources>

Resolution

1. Copy cryptoJFIPS.jar from \standalone\deployments\iam_im.ear\library to \modules\com\ca\iam\crypto\main\
 

2.  Edit <jboss>\modules\com\ca\iam\crypto\main\module.xml

            add <resource-root path="cryptojFIPS.jar"/> under <resources>

3. Restart IM Server.

Sample:

<?xml version="1.0" encoding="UTF-8"?><module xmlns="urn:jboss:module:1.1" name="com.ca.iam.crypto">

    <resources>

        <resource-root path="bc_001-fips-1.0.0.jar"/>

    <resource-root path="cryptojFIPS.jar"/>

</resources>

<dependencies>

      <module name="javax.api"/>

</dependencies>

</module>