000033084 - Java and keytool errors when running puppet agent -t on the RSA Security Analytics Server

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033084
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server
RSA Version/Condition: 10.5.2.0
Platform: CentOS
O/S Version: EL6
 
IssueWhen issuing the command "puppet agent -t", it runs with the below errors:
 
Info: Loading facts 
Info: Retrieving pluginfacts 
Info: Retrieving plugin 
Info: Loading facts 
Info: Caching catalog for ad7de4d6-9faa-4e38-a210-2976b1289a91 
Info: Applying configuration version '1453376565' 
Notice: /Stage[main]/Ssh/Exec[fix-ssh]/returns: executed successfully 
Error: Execution of 'keytool -importkeystore -srcstoretype PKCS12 -destkeystore /opt/rsa/carlos//keystore.jks -srckeystore /tmp/carlos.20160505-16907-lmik1o-0 -alias carlos' returned 1: Error: Could not execute posix command: No such file or directory - keytool 
Error: /Stage[main]/Carlos/Java_ks[carlos]/ensure: change from absent to latest failed: Execution of 'keytool -importkeystore -srcstoretype PKCS12 -destkeystore /opt/rsa/carlos//keystore.jks -srckeystore /tmp/carlos.20160505-16907-lmik1o-0 -alias carlos' returned 1: Error: Could not execute posix command: No such file or directory - keytool 
Error: Execution of 'keytool -importcert -noprompt -alias puppetca -file /var/lib/puppet/ssl//certs/ca.pem -keystore /etc/alternatives/jre/lib/security/cacerts -trustcacerts' returned 1: Error: Could not execute posix command: No such file or directory - keytool 
Error: /Stage[main]/Carlos/Java_ks[puppetca]/ensure: change from absent to latest failed: Execution of 'keytool -importcert -noprompt -alias puppetca -file /var/lib/puppet/ssl//certs/ca.pem -keystore /etc/alternatives/jre/lib/security/cacerts -trustcacerts' returned 1: Error: Could not execute posix command: No such file or directory - keytool
CauseThis happens because the the Java alternatives are not pointing to the correct links which should be the jre-1.8.0-openjdk.x86_64/bin/java.
ResolutionTo fix this, you will have to point the Java alternatives to the correct links.
  1. Connect to the Security Analytics Server via SSH as the root user.
  2. Issue the following command:
    [root@sa reporting-engine]# alternatives --config java
    There are 2 programs which provide 'java'.
      Selection    Command
    -----------------------------------------------
     + 1           /usr/lib/jvm/jre-1.8.0-openjdk.x86_64/bin/java
    *  2           /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java

  3. Type the number of the correct Java alternatives which is "1" in this case.
  4. Issue the command below again.
    puppet agent -t

It will run now without the errors.

Attachments

    Outcomes