"Unable to read keystore" error upgrading AccessManager java agents to Support Pack 2

  • 3287810
  • 24-Jan-2008
  • 26-Apr-2012


Novell Access Management 3 Java Agents
Novell Access Management 3 Support Pack 2 applied
Problem only occurs on Linux platforms - Windows platforms work fine.


When doing an upgrade to AccessManager 3 Support Pack 2 on the Linux agents, the following error is reported in
the agent health after the upgrade:

The following error occurred during the embedded service provider configuration Unable to read keystore : /opt/novell/devman/jcc/certs/esp/D1E3AF6BFDB801FD/signing.keystore

Exception message: "Unable to read keystore : /opt/novell/devman/jcc/certs/esp/D1E3AF6BFDB801FD/signing.keystore" y Line: 1468 Method: A y Line: 2354 Method: B y Line: 1996 Method: initialize y Line: 1839 Method: setKeys y Line: 2493 Method: A y Line: 2714 Method: start y Line: 2328 Method: doCommand y Line: 2230 Method: doCommand NativeMethodAccessorImpl.java Line: -2 Method: invoke0 NativeMethodAccessorImpl.java Line: 85 Method: invoke NativeMethodAccessorImpl.java Line: 58 Method: invoke DelegatingMethodAccessorImpl.java Line: -3 Method: invoke Method.java Line: -3 Method: invoke UnicastServerRef.java Line: 279 Method: dispatch Transport.java Line: 164 Method: run AccessController.java Line: -2 Method: doPrivileged1 AccessController.java Line: -3 Method: doPrivileged Transport.java Line: 160 Method: serviceCall TCPTransport.java Line: 505 Method: handleMessages TCPTransport.java Line: 837 Method: handleRequest TCPTransport.java Line: 911 Method: run Thread.java Line: 568 Method: run
(Required Action) Resolve the error and then restart the embedded service provider


1. Remove or move the certs out of the /opt/novell/devman/jcc/certs/esp/(id)/ directory on the agent server
2. From the Admin Console, go to Access Manager > Auditing > Troubleshooting > Certificates
3. Select all the certificates for the agent and Re-push the certificates
4. Start the esp for the agent.

This will work around the issue - the bug itself will be fixed in the next patch.