000021049 - Upgrade process hangs when upgrading from Keon Certificate Authority 6.5.1 to RSA Certificate Manager 6.6

Document created by RSA Customer Support Employee on Oct 4, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000021049
Applies ToRSA Product Set: RSA Certificate Manager, Keon Certificate Authority 6.5.1
RSA Version/Condition: 6.6, 6.8
Platform: Sun Solaris 2.9
IssueUpgrade process hangs when upgrading from Keon Certificate Authority 6.5.1 to RSA Certificate Manager 6.6
Upgrader hangs on "Generating database content (LDIF) file..." and xu_ldbmcat.out shows "Attribute name collision encountered"
When running ./UPGRADE from the folder /opt/KeonCA_6.5.1/RSA_KeonCA/Upgrader, the command hangs with the following logs:

Entering directory:
        /opt/KeonCA_6.5.1/RSA_KeonCA/Upgrader/bin
Executing `upgrader -mode gen'...
Processing Administration configuration file...
Processing Secure Directory configuration file...
Creating Upgrade Package directory structure...
Copying files to the Upgrade Package directory...
Shutting down Administration and Secure Directory...
The Secure Directory Server does not appear to be running.
cat: cannot open /opt/KeonCA_6.5.1/RSA_KeonCA/WebServer/logs/httpd.pid
./stop: usage: kill [ [ -sig ] id ... | -l ]
/opt/KeonCA_6.5.1/RSA_KeonCA/WebServer/logs/httpd.pid: No such file or directory
Generating database content (LDIF) file...

Process hangs here, no CPU utilization.
When stopping the ./UPGRADE command using CTRL-C, the following output may show up on some systems:

^CInvokeExternlCommand: Error executing the following command
["./xu_ldbmcat" -mode upgrade  -r "/opt/RCM/81004313/RSA_KeonCA/Upgrader/dist/ldif_generate.xml" -lin ./ldbmcat.out -s "/opt/RCM/81004313/RSA_KeonCA/Xudad/dist/schema.conf" -t "/opt/RCM/81004313/RSA_KeonCA/Upgrader/conf/schema.conf" -m "/opt/RCM/81004313/RSA_KeonCA/Upgrader/package/Xudad/dist/schema.conf" -lout "/opt/RCM/81004313/RSA_KeonCA/Upgrader/package/Xudad/db/upgrade.ldif" -hiAvailability]
When using RSA Certificate Manager 6.8 upgrader, the following message shows in /opt/RSA_CM/Upgrader/bin/xu_ldbmcat.out file:
Attribute name collision encountered
The objectclass xuda_domain_config already
has an attribute named extPublish_encryptBindPW.
Please provide an alternative name or
cancel the operation
Enter a value:
The objectclass xuda_ca already has an attribute named crlInvalidityDateMode.
Please provide an alternative name or cancel the operation
Enter a value:

User running Keon Sentry 3.x and upgraded to RSA Certificate Manager 6.6 over the course of several years.
ResolutionCheck and compare the schema file RSA_CM/Xudad/dist/schema.conf from the installation that is failing to another good RCM installation of same version and build.  If there are differences, copy schema.conf from good RCM installation to the current RCM being upgraded, and re-run the upgrader.  If this step does not resolve the problem, and the steps described below also do not help or do not apply, contact RSA Customer Support for further assistance.
To validate that you are experiencing this issue, go into the /Upgrader/bin/ folder and run the command (on one single line):
 
./xu_ldbmcat -mode upgrade  -r "<full path>/RSA_KeonCA/Upgrader/dist/ldif_generate.xml" -lin ./ldbmcat.out -s "<full path>RSA_KeonCA/Xudad/dist/schema.conf" -t "<full path>/RSA_KeonCA/Upgrader/conf/schema.conf" -m "<full path>/RSA_KeonCA/Upgrader/package/Xudad/dist/schema.conf" -lout "<full path>/RSA_KeonCA/Upgrader/package/Xudad/db/upgrade.ldif" -hiAvailability

You should then be prompted with the following text:

Attribute name collision encountered
The objectclass xuda_ca already
has an attribute named crlInvalidityDateMode.
Please provide an alternative name or
cancel the operation
Enter a value:

If you have this specific issue, contact RSA Customer Support and ask for the hot fix for this issue, referencing this article number.
Legacy Article IDa31356

Attachments

    Outcomes