Article Content
Article Number | 000036952 |
Applies To | RSA Product Set: Identity Governance & Lifecycle RSA Product/Service Type: Appliance RSA Version/Condition: 7.0.0 and above |
Issue | After replacing the certificates for the RSA Identity Governance and Lifecycle application, it fails to start. On examination, the following error is found in the WildFly log file: server.log.
When the /home/oracle/keystore/aveksa.keystore file is examined, the following results are returned.
NOTE: The recommended password for the aveksa.keystore is: Av3k5a15num83r0n3 |
Cause | The "server" alias in the aveksa.keystore is not of Entry type: PrivateKeyEntry. This is why WildFly reports that the file does not contain any keys. This can occur if the "server" alias is replaced by a certificate. Certificates are of Entry type: trustedCertEntry |
Resolution | Work through all the steps from article 000030130 - How to replace the server certificate used for the RSA Identity Governance & Lifecycle appliance web administration interface This is because the Private Key entry in the aveksa.keystore is missing and needs to be re-generated. Step 2 from article 30130 is as follows.
This creates a new keystore file, with the "server" alias that is of Entry type: PrivateKeyEntry |
Notes | Please note that in this situation, no entries will be added to the aveksaServer.log, because the application is yet to start. |