000019448 - Errors encountered when running ./sdconnect start for the first time in RSA ACE/Server 5.2

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019448
Applies ToRSA ACE/Server 5.2
UNIX
IssueErrors encountered when running ./sdconnect start for the first time in RSA ACE/Server 5.2
Error: "2380:error:0D0A0007:asn1 encoding routines:D2I_X509_ALGOR:expecting an asn1 sequence:x_algor.c:47:address=1047697 offset=0"
Error: "2380:error:0D09F004:asn1 encoding routines:D2I_X509:nested asn1 error:x_x509.c:66:address=1047336 offset=361"
Error: "2380:error:140AC80D:SSL routines:SSL_CTX_USE_CERTIFICATE_ASN1:ASN1 lib:ssl_rsa.c:1020:"
Error: "Unable to load certificate"
Error: "Dec 17 10:03:23 scrapdogg ACESERVER: [ID 505037 user.info] (1) AUTHENTICATION : Admin Server SSL server side initialization failed  in admin_server initialization failed, check certificates with (Error 20020)."
The output of sdconnect start is as follows:

 Copyright 1994 - 2003 by RSA Security Inc.
                         RSA ACE/Server 5.2
 
                       ---ALL RIGHTS RESERVED---
Message: Starting server database broker and page writers.
10:03:20 BROKER  0: Multi-user session begin. (333)
10:03:20 BROKER  0: This server accepts secure clients only
10:03:20 BROKER  0: Started for sdserv using TCP, pid 2346. (5644)
10:03:20 APW     1: Started. (2518)
10:03:20 BIW     2: Started. (2518)
Message: Starting log database broker and page writers.
10:03:20 BROKER  0: Multi-user session begin. (333)
10:03:20 BROKER  0: This server accepts secure clients only
10:03:20 BROKER  0: Started for sdlog using TCP, pid 2354. (5644)
10:03:20 APW     1: Started. (2518)
10:03:20 BIW     2: Started. (2518)
Message: Starting Automated Audit Log Maintenance.
Message: Starting Administration Daemon.
Message: Error Starting the sdadmind server
Message: Starting Job Executor Daemon.
Message: Starting Web Admin Daemon.
Unable to load certificate
2380:error:0D0A0007:asn1 encoding routines:D2I_X509_ALGOR:expecting an asn1 sequence:x_algor.c:47:address=1047697 offset=0
2380:error:0D09F004:asn1 encoding routines:D2I_X509:nested asn1 error:x_x509.c:66:address=1047336 offset=361
2380:error:140AC80D:SSL routines:SSL_CTX_USE_CERTIFICATE_ASN1:ASN1 lib:ssl_rsa.c:1020:
Message: Starting Replication.
Message: Database broker start operation completed
The system log shows the following errors when running ./sdconnect start:

Dec 17 10:03:23 scrapdogg ACESERVER: [ID 505037 user.info] (1) AUTHENTICATION : Admin Server SSL server side initialization failed  in admin_server initialization failed, check certificates with (Error 20020).
Dec 17 10:03:25 scrapdogg JSED: [ID 477914 user.info] (2) MESSAGE : Job executor STARTED.
Dec 17 10:03:29 scrapdogg ACESERVER: [ID 978520 user.info] (5) ACESYNCHD : Replica successfully bound to port 5505 (172.168.1.102)  CrossRealm ACM_OK 0. [acesyncd.c.1115.1]
Dec 17 10:03:29 scrapdogg ACESERVER: [ID 821012 user.info] (5) ACESYNCHD : RSA ACE/Server syncsrvc service started.
Dec 17 10:03:29 scrapdogg ACESERVER: [ID 622954 user.info] (5) ACESYNCHD : Acesyncd Primary Started  (172.168.1.102)  CrossRealm ACM_OK 0. [acesyncd.c.1213.2]
Dec 17 10:03:56 scrapdogg named[167]: [ID 295310 daemon.notice] check_root: 1 root servers after query to root server < min
CauseThe server.cer and server.key files are corrupted
ResolutionTo correct this issue, replace the /ace/data/server.cer and server.key files with an uncorrupted key pair. Locate these files on your license diskette and replace them in the /ace/data directory on your ACE/Server.

If you do not have a copy of the license diskette, contact RSA Security Customer Support at 1-800-995-5095 and request that a new set of license files be sent to you.
Legacy Article IDa19812

Attachments

    Outcomes