Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000013480 - Webserver failed to start - Lockbox fingerprint has changed

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 22, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000013480
Applies To	Error in pi_webserver.log: Jan 2, 2014 12:51:30 PM com.opensystems.privatei.util.Logger:SEVERE: exception java.lang.Exception: Error: -9 LockBox::LockBox : The lockbox stable value threshold was not met because the system fingerprint has changed. To reset the system fingerprint, open the lockbox using the passphrase. at com.emc.clb.clbBridge.clbBridgeJNI.new_LockBox(Native Method) at com.emc.clb.clbBridge.LockBox.<init>(LockBox.java:69) at com.emc.clb.LockBox.<init>(LockBox.java:230) at com.rsa.envision.security.lockbox.FileLockBox.<init>(FileLockBox.java:25) at com.rsa.envision.security.lockbox.FileLockBoxFactory.addFileLockBox(FileLockBoxFactory.java:74) at com.rsa.envision.security.lockbox.FileLockBoxFactory.getFileLockBox(FileLockBoxFactory.java:57) at com.rsa.envision.security.lockbox.InMemoryLockBox.<init>(InMemoryLockBox.java:33) at com.rsa.envision.security.lockbox.InMemoryLockBox.getInstance(InMemoryLockBox.java:60) at com.opensystems.privatei.PrivateIServer.initializeLockBox(PrivateIServer.java:372) at com.opensystems.privatei.PrivateIServer.init(PrivateIServer.java:143) RSA enVision
Issue	Webserver failed to start - Lockbox fingerprint has changed
Cause	The passphrase does not match in Lockbox, possibly due to master account password change.
Resolution	To correct, using lockbox utillity tool provided by engineering (ECE-1235) to re-create site/temp lockbox files. General notes for using lockboxutil.exe --Run this command line utility from DS1. You can run this from any folder, avoid running this from inside envision folders --The tool only fixes the site lockbox with the supplied values and does not change any passwords in the system --Both the site lockbox and dB lockbox will be re-created (overwritten if it exists) --Make sure the .../CSD/config/lockbox folder is present before running the tool. Create this manually if folder is missing --All passwords supplied while recreating sitelockbox should be same as what being used in the system. The utility does not test for the correctness of the passwords --The ASrv hostnames to be included should be fully qualified. Eg: LS1-AS1.LS1.nic ?You need to supply the hostnames for all the ASrvs present in the setup ?Enter 'n' as the ASrv hostname after supplying all the other ASrv hostnames. Example input for an LS setup with 2 ASrvs is as follows Enter list of Asrv fqdn hostnames one by one (input 'n' to mark the end) Enter Asrv fqdn hostname (Eg: LSSite-AS1.LSSite.nic): LS1-AS1.LS1.nic Enter Asrv fqdn hostname (Eg: LSSite-AS1.LSSite.nic): LS1-AS2.LS1.nic Enter Asrv fqdn hostname (Eg: LSSite-AS1.LSSite.nic): n --If sitelockbox exists then it will be overwritten after running this tool ?you can re-run the tool to overwrite existing passwords inside site lockbox with new ones --lockbox.log file for debugging will be created in the same directory from where you execute the tool
Legacy Article ID	a63570

Attachments

Outcomes

0 Comments

Recommended Content