This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console

Article Number

000029178

Applies To

RSA Product Set:  SecurID
RSA Product/Service Type:  RSA Authentication Manager
RSA Version/Condition:  8.1 

Issue

The RSA RADIUS Server  service failed to start in the RSA Authentication Manager 8.1 Operations Console.  The following error was reported in the /opt/rsa/am/server/logs/radiusoc.log log file.
  
####<Dec 8, 2014 1:31:47 PM EST> <Error> <Security> <app81p> <radiusoc> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> 
<<WLS Kernel>> <> <> <1418005907269> <BEA-090870> <The realm "rsa" failed to be loaded: weblogic.security.service.SecurityServiceException: 
com.bea.common.engine.ServiceInitializationException: 
weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file 
/opt/rsa/am/appserver/weblogic/server/lib/XACMLAuthorizerInit.ldift..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: 
A failure occurred attempting to load 
LDIF for provider Authorizer from file /opt/rsa/am/appserver/weblogic/server/lib/XACMLAuthorizerInit.ldift.

        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:466)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:870)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1034)
        at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:879)
        at weblogic.security.SecurityService.start(SecurityService.java:148)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: 
A failure occurred attempting to load LDIF for provider Authorizer from file /opt/rsa/am/appserver/weblogic/server/lib/XACMLAuthorizerInit.ldift.
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
        at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
        at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
        at weblogic.security.service.CSSWLSDelegateImpl.getService(CSSWLSDelegateImpl.java:155)
        at com.bea.security.css.CSS.getService(CSS.java:123)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:458)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:871)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1034)
        at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:879)
        at weblogic.security.SecurityService.start(SecurityService.java:148)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file 
/opt/rsa/am/appserver/weblogic/server/lib/XACMLAuthorizerInit.ldift.
        at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadFullLDIFTemplate(BootStrapServiceImpl.java:910)
        at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFTemplate(BootStrapServiceImpl.java:688)
        at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:178)
        at com.bea.common.store.bootstrap.internal.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:162)
        at com.bea.common.security.internal.service.BootStrapServiceImpl.loadLDIFXACMLAuthorizerTemplate(BootStrapServiceImpl.java:109)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
        at com.sun.proxy.$Proxy7.loadLDIFXACMLAuthorizerTemplate(Unknown Source)
        at com.bea.security.providers.xacml.store.AuthorizationPolicyStore.init(AuthorizationPolicyStore.java:81)
        at com.bea.security.providers.xacml.store.DefaultPolicyStoreConfigurator.newPolicyStore(DefaultPolicyStoreConfigurator.java:22)
        at weblogic.security.providers.xacml.authorization.PolicyDecisionPointFactory.getStore(PolicyDecisionPointFactory.java:265)
        at weblogic.security.providers.xacml.authorization.PolicyDecisionPointFactory.getAuthorization(PolicyDecisionPointFactory.java:69)
        at weblogic.security.providers.xacml.authorization.XACMLAuthorizationProviderImpl.initialize(XACMLAuthorizationProviderImpl.java:127)
        at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:60)
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
        at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
        at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
        at weblogic.security.service.CSSWLSDelegateImpl.getService(CSSWLSDelegateImpl.java:155)
        at com.bea.security.css.CSS.getService(CSS.java:123)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:458)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:871)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1034)
        at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:879)
        at weblogic.security.SecurityService.start(SecurityService.java:148)
Note that app81p is the short name of the Authentication Manager instance where this error was found.
 

Cause

An administrator was following the instructions from page 164 of the RSA Authentication Manager 8.1 Administrator’s Guide to replace the console certificate via the Operations Console and the alias name used matched the short name of the Authentication Manager.

Resolution

Please contact RSA Customer Support to seek assistance in removing the SSL server certificate(s) and/or Signer Certificate(s) from the appropriate certificate keystores used by the Authentication Manager software.

Refer to article number 000029178 after opening a support request with RSA Customer Support with your license information from the RSA Authentication Manager. The serial number for the license can be found in the Security Console under Setup > Licenses > Status.  Click View Installed Licenses then click License ID to display the serial number.

Workaround

Please do not use the Authentication Manager instance short name as the alias when replacing the console certificate.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 11:08 PM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.