000032612 - AFX Server fails to start with java.lang.StackOverflowError errors in the log files after changing the application server hostname in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Feb 17, 2020Last modified by RSA Customer Support Employee on Aug 24, 2020
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032612
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: 6.9.1, 7.x
 
IssueAfter running modifyhostname.sh on an RSA Identity Governance & Lifecycle hard/soft appliance, the AFX Server fails to start and the following message is displayed on the console:

All remote collector agents and AFX servers will need to have their client certificates
re-created within RSA IGL and then be downloaded and re-deployed.


  The following errors are logged to the AFX log files:
 
In the $AFX_HOME/esb/logs/esb.AFX-INIT.log:

 


2020-08-21 14:29:55.072 [INFO] com.aveksa.afx.server.init.SubmitInitializationRequestComponent:71 -
Error occurred during initialization java.lang.StackOverflowError
2020-08-21 14:29:55.072 [ERROR] com.aveksa.afx.server.init.SubmitInitializationRequestComponent:196 -
Error while attempting to execute initialization request!
2020-08-21 14:29:55.073 [ERROR] com.aveksa.afx.server.init.ServerInitializationComponent:79 -
Server initialization failed! Please correct the issue and restart AFX.
org.mule.api.MessagingException: null (java.lang.StackOverflowError).
Message payload is of type: PostMethod
at
...
Caused by: java.lang.StackOverflowError
at com.rsa.cryptoj.o.ax.<init>(SourceFile)
at com.rsa.cryptoj.o.ad.<init>(SourceFile)
at com.rsa.cryptoj.o.ac.a(SourceFile)
at com.rsa.cryptoj.o.aw.c(SourceFile)
at com.rsa.cryptoj.o.av.c(SourceFile)
at com.rsa.cryptoj.o.c.b(SourceFile)
at com.rsa.cryptoj.o.c.a(SourceFile)
at com.rsa.cryptoj.o.ak.c(SourceFile)
at com.rsa.cryptoj.o.c.b(SourceFile)
at com.rsa.cryptoj.o.c.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)

 

In the $AFX_HOME/esb/logs/esb.AFX-MAIN.log:

 


2020-08-21 14:29:56.081 [ERROR] org.mule.module.launcher.application.DefaultMuleApplication:361 -
null java.lang.IllegalArgumentException:
Could not resolve placeholder 'afx.server.activemq.password'

in string value "${afx.server.activemq.password}"
...
2020-08-21 14:29:56.083 [INFO] org.mule.module.launcher.application.DefaultMuleApplication:193 -
App '15_AFX-MAIN' never started, nothing to dispose of

 

In the $AFX_HOME/esb/logs/mule_ee.log:

 


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Failed to deploy artifact '10_AFX-INIT', see below       +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
org.mule.module.launcher.DeploymentInitException: StackOverflowError:
at org.mule.module.launcher.application.DefaultMuleApplication.init(DefaultMuleApplication.java:196)
at org.mule.module.launcher.artifact.ArtifactWrapper$2.execute(ArtifactWrapper.java:62)
at org.mule.module.launcher.artifact.ArtifactWrapper.executeWithinArtifactClassLoader(ArtifactWrapper.java:129)
at org.mule.module.launcher.artifact.ArtifactWrapper.init(ArtifactWrapper.java:57)
at org.mule.module.launcher.DefaultArtifactDeployer.deploy(DefaultArtifactDeployer.java:25)
at org.mule.module.launcher.DefaultArchiveDeployer.guardedDeploy(DefaultArchiveDeployer.java:310)
at org.mule.module.launcher.DefaultArchiveDeployer.deployArtifact(DefaultArchiveDeployer.java:330)
at org.mule.module.launcher.DefaultArchiveDeployer.deployExplodedApp(DefaultArchiveDeployer.java:297)
at org.mule.module.launcher.DefaultArchiveDeployer.deployExplodedArtifact(DefaultArchiveDeployer.java:108)
at org.mule.module.launcher.DeploymentDirectoryWatcher.deployExplodedApps(DeploymentDirectoryWatcher.java:289)
at org.mule.module.launcher.DeploymentDirectoryWatcher.start(DeploymentDirectoryWatcher.java:146)
at org.mule.module.launcher.MuleDeploymentService.start(MuleDeploymentService.java:99)
at org.mule.module.launcher.MuleContainer.start(MuleContainer.java:152)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.mule.module.reboot.MuleContainerWrapper.start(MuleContainerWrapper.java:52)
at org.tanukisoftware.wrapper.WrapperManager$11.run(WrapperManager.java:4048)
Caused by: org.mule.api.config.ConfigurationException:
Error creating bean with name 'serverInitialization'
defined in URL [file:/home/oracle/AFX/esb/apps/10_AFX-INIT/mule-config.xml]:
Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException:
Could not instantiate bean class [com.aveksa.afx.server.init.ServerInitializationComponent]:
Constructor threw exception; nested exception is org.mule.api.lifecycle.InitialisationException:
Server initialization failed! Please correct the issue and restart AFX.
(org.mule.api.lifecycle.InitialisationException) (org.mule.api.config.ConfigurationException)
....
Caused by: org.mule.api.MessagingException: null (java.lang.StackOverflowError).
Message payload is of type: PostMethod
at org.mule.execution.ExceptionToMessagingExceptionExecutionInterceptor.execute
(ExceptionToMessagingExceptionExecutionInterceptor.java:32)
at org.mule.execution.MessageProcessorNotificationExecutionInterceptor.execute
(MessageProcessorNotificationExecutionInterceptor.java:58)
at org.mule.execution.MessageProcessorExecutionTemplate.execute
(MessageProcessorExecutionTemplate.java:44)
at org.mule.processor.chain.SimpleMessageProcessorChain.doProcess
(SimpleMessageProcessorChain.java:43)
at org.mule.processor.chain.AbstractMessageProcessorChain.process
(AbstractMessageProcessorChain.java:67)
...
Caused by: java.lang.StackOverflowError
at com.rsa.cryptoj.o.aw.c(SourceFile)
at com.rsa.cryptoj.o.av.c(SourceFile)
at com.rsa.cryptoj.o.c.b(SourceFile)
at com.rsa.cryptoj.o.c.a(SourceFile)
at com.rsa.cryptoj.o.ak.c(SourceFile)
at com.rsa.cryptoj.o.c.b(SourceFile)
at com.rsa.cryptoj.o.c.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)
at com.rsa.cryptoj.o.a.a(SourceFile)


 
CauseThe console message is explaining that the AFX and remote collection agent client certificates need to be regenerated and redeployed.

When the hostname is changed using the modifyhostname.sh script, the script generates a new server.keystore that uses a newly generated certificate authority (CA) and hostname certificate. When the server.keystore is updated, the AFX and remote collection agent client certificates also need to be updated.
 
ResolutionTo resolve this issue:
  • Download and redeploy the server certificate.
  • Regenerate, download, and redeploy the client certificates for each AFX agent and remote collection agent.
For steps on regenerating and redeploying server and client certificates, see RSA Knowledge Base Article 000038314 -- How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle starting at step 3 under Update the server certificate - Click the Download button and save the server.keystore to a location on your computer.

NOTE: The server certificate does not need to be regenerated because the modifyhostname.sh procedure has already done that. However, regenerating the server certificate will cause no harm as long as you do that before all other steps. That is, regenerating the server certificate must be the first step in the process as it is written in the above-referenced RSA Knowledge Base Article.
 

Attachments

    Outcomes