configure-lightwave-server fails with java.security.KeyStoreException
berndtj opened this issue · 5 comments
Below is the error. I'm not sure how to get past:
root@ip-172-20-40-102 [ /opt ]# configure-lightwave-server --domain kops.bjung.net --password '*****' --hostname 34.210.152.203
Deploying in standalone mode...
-----Begin installing components-----
VMware Authentication Framework
Begin installing component: vmware-authentication-framework
140540224489112:error:0906D06C:lib(9):func(109):reason(108):pem_lib.c:701:Expecting: CERTIFICATE
Installed vmware-authentication-framework succesfully.
Installation completed successfully.
-----Checking Authentication service-----
Authentication Service checked successfully.
-----Checking Directory service-----
Directory Service checked successfully.
-----Checking Certificate service-----
Certificate Service checked successfully.
-----Begin installing components-----
VMware Identity Manager
VMware Secure Token Service
Lightwave UI
Begin installing component: vmware-identity-manager
Installed vmware-identity-manager succesfully.
Begin installing component: vmware-secure-token-service
java.security.KeyStoreException: VKS not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at com.vmware.identity.configure.STSHealthChecker.getVksKeyStore(STSHealthChecker.java:131)
at com.vmware.identity.configure.STSHealthChecker.checkHealth(STSHealthChecker.java:83)
at com.vmware.identity.configure.SecureTokenServerInstaller.install(SecureTokenServerInstaller.java:99)
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:226)
at com.vmware.identity.configure.VMIdentityController.setupInstanceStandalone(VMIdentityController.java:52)
at com.vmware.identity.configure.VMIdentityStandaloneInstaller.main(VMIdentityStandaloneInstaller.java:74)
Caused by: java.security.NoSuchAlgorithmException: VKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 6 more
VKS not found
vmware-secure-token-service installation failed.
Installation failed.
Errorcode: -1com.vmware.identity.configure.DomainControllerNativeException: java.security.KeyStoreException: VKS not found
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:236)
at com.vmware.identity.configure.VMIdentityController.setupInstanceStandalone(VMIdentityController.java:52)
at com.vmware.identity.configure.VMIdentityStandaloneInstaller.main(VMIdentityStandaloneInstaller.java:74)
Caused by: java.security.KeyStoreException: VKS not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at com.vmware.identity.configure.STSHealthChecker.getVksKeyStore(STSHealthChecker.java:131)
at com.vmware.identity.configure.STSHealthChecker.checkHealth(STSHealthChecker.java:83)
at com.vmware.identity.configure.SecureTokenServerInstaller.install(SecureTokenServerInstaller.java:99)
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:226)
... 2 more
Caused by: java.security.NoSuchAlgorithmException: VKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 6 more
PSC Installation failed.
This is an artifact of incompatible JAVA version issue. Its tracked under : #22
I am seeing something similar.. Also downgraded to the recommended java/jre/apache-commons version as recommended in the above thread/bug.. Any help appreciated
Deploying in standalone mode...
-----Begin installing components-----
VMware Authentication Framework
Begin installing component: vmware-authentication-framework
vmware-authentication-framework installation failed.
Installation failed.
Errorcode: 1com.vmware.identity.configure.DomainControllerNativeException
at com.vmware.pscsetup.interop.DeployUtilsAdapterErrorHandler.handleErrorCode(DeployUtilsAdapterErrorHandler.java:110)
at com.vmware.pscsetup.interop.DeployUtilsAdapter.setupInstance(DeployUtilsAdapter.java:108)
at com.vmware.pscsetup.interop.DeployUtilsAdapter.configureStandalone(DeployUtilsAdapter.java:48)
at com.vmware.pscsetup.AuthenticationFrameworkInstaller.install(AuthenticationFrameworkInstaller.java:28)
at com.vmware.pscsetup.PlatformServicesController.setupInstance(PlatformServicesController.java:83)
at com.vmware.pscsetup.PlatformServicesController.setupInstanceStandalone(PlatformServicesController.java:34)
at com.vmware.pscsetup.PlatformServicesControllerDeploy.main(PlatformServicesControllerDeploy.java:41)
-----Checking Authentication service-----
Authentication Service checked successfully.
-----Checking Directory service-----
Directory Service checked successfully.
-----Checking Certificate service-----
Certificate Service checked successfully.
-----Begin installing components-----
VMware Identity Manager
VMware Secure Token Service
Lightwave UI
Begin installing component: vmware-identity-manager
Installed vmware-identity-manager succesfully.
Begin installing component: vmware-secure-token-service
java.security.KeyStoreException: VKS not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at com.vmware.identity.configure.STSHealthChecker.getVksKeyStore(STSHealthChecker.java:131)
at com.vmware.identity.configure.STSHealthChecker.checkHealth(STSHealthChecker.java:83)
at com.vmware.identity.configure.SecureTokenServerInstaller.install(SecureTokenServerInstaller.java:99)
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:226)
at com.vmware.identity.configure.VMIdentityController.setupInstanceStandalone(VMIdentityController.java:52)
at com.vmware.identity.configure.VMIdentityStandaloneInstaller.main(VMIdentityStandaloneInstaller.java:74)
Caused by: java.security.NoSuchAlgorithmException: VKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 6 more
VKS not found
vmware-secure-token-service installation failed.
Installation failed.
Errorcode: -1com.vmware.identity.configure.DomainControllerNativeException: java.security.KeyStoreException: VKS not found
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:236)
at com.vmware.identity.configure.VMIdentityController.setupInstanceStandalone(VMIdentityController.java:52)
at com.vmware.identity.configure.VMIdentityStandaloneInstaller.main(VMIdentityStandaloneInstaller.java:74)
Caused by: java.security.KeyStoreException: VKS not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at com.vmware.identity.configure.STSHealthChecker.getVksKeyStore(STSHealthChecker.java:131)
at com.vmware.identity.configure.STSHealthChecker.checkHealth(STSHealthChecker.java:83)
at com.vmware.identity.configure.SecureTokenServerInstaller.install(SecureTokenServerInstaller.java:99)
at com.vmware.identity.configure.VMIdentityController.setupInstance(VMIdentityController.java:226)
... 2 more
Caused by: java.security.NoSuchAlgorithmException: VKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 6 more
PSC Installation failed.
I tried the same with the downgraded JAVA/JRE/commons-deamon - Here is my system state now...
tdnf list openjre
openjre.x86_64 1.8.0.112-1.ph1 @System
tdnf list openjdk
openjdk.x86_64 1.8.0.112-1.ph1 @System
tdnf list commons-daemon open-jre open-jdk
commons-daemon.x86_64 1.0.15-8.ph1 @System
Please use apache-tomcat-8.5.23-1. patch at https://github.com/vmware/photon/tree/1.0/SPECS/apache-tomcat
Thanks for the reply.. upgraded my tomcat as recommended.. Here is the output of tdnf post upgrade..
tdnf list apache-tomcat
apache-tomcat.noarch 8.5.23-1.ph1 @System
The above same error still persists..
If I am not wrong the issue seems to be from this code snippet & not related to the patch ? ..
File :
https://github.com/vmware/lightwave/blob/42f75b34d84791c352edd9d24d8abb13c5057c59/vmidentity/install/src/main/java/com/vmware/identity/configure/STSHealthChecker.java
Code : snippet
/**
* Get VKS keystore by calling VECS
*/
public KeyStore getVksKeyStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
KeyStore ks = KeyStore.getInstance(VKS_KEYSTORE_INSTANCE);
ks.load(new VecsLoadStoreParameter(VKS_KEYSTORE_NAME));
return ks;
}
Sorry to lead you down a different path. Could you please follow the disucussion here: #22