Article Content
Article Number | 000029249 |
Applies To | RSA Product Set: RSA Identity Governance & Lifecycle RSA Version/Condition: 6.9.1, 7.0.x, 7.1.x |
Issue | The AFX Server in RSA Identity Governance & Lifecycle is in a Not running State in the user interface (AFX > Servers). When logged into the application server as the afx user, the afx status command shows the startup timed out and the AFX Server never fully starts.
When starting AFX, the following errors are logged to the AFX log files: $AFX_HOME/esb/logs/mule_ee.log:
$AFX_HOME/esb/logs/esb.AFX-INIT.log:
|
Cause | This issue occurs because the truststore password that is in use for the JDK truststore (cacerts) does not match the Default Truststore Password defined for the AFX Server. |
Resolution | The default JDK truststore (cacerts) password is changeit. If the default password has not been changed, then that is the password that must be used for the Default Truststore Password under AFX > Servers > {AFX Server name} > Edit. If the default JDK truststore password has been changed, then the modified password must be used in the Default Truststore Password definition for the AFX Server. To resolve this issue, follow the steps below.
If the cacerts password is changeit, then this command will list the contents of the keystore. If the cacerts password is not changeit, the following error will occur:
If the password is not changeit, someone at your site has changed the password and you will need to determine what that password is. To confirm that you have the correct password, run the keytool -list command again with the correct password and verify that the truststore contents are listed.
|
Notes | In 7.0.0 and 6.9.1 the AFX logs are located in: $AFX_HOME/mule/logs and the log files are called:
|