RSA Authentication manager fails to boot as usual and errors "com.rsa.ims.security.keymanager.sys.SystemModificationThresholdException: System was modified beyond the allowed threshold, cannot decrypt." during RSA Authentication Manager 8.x bootup
RSA Authentication Manager services fail to start
RSA Authentication Manager Server does not allow reverting to default certificate.
The RSA Authentication Manager 8.x software knows the hardware (or virtual hardware) on which it is installed, so moving the virtual appliance from one ESX host to another (with regards to a VMware environment) will cause a problem with the Authentication Manager system fingerprint. The most common change is the MAC address of the virtual network card.
An administrator is required to use the command rsautil manage-secrets –a recover to reset the system fingerprint.
login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system user password>
Last login: Thu May 20 09:18:20 2021 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
Go to /opt/rsa/am/utils.
Use the command ./rsautil manage-secrets –a recover to restore the system fingerprint.
rsaadmin@am85:> cd /opt/rsa/am/utils
rsaadmin@am85:/opt/rsa/am/utils> ./rsautil manage-secrets -a recover
Please enter OC Administrator username: <enter Operations Console administrator name>
Please enter OC Administrator password: <enter Operations Console administrator password>
Machine fingerprint restored successfully.