Casa fails after modifying certificates with novell-zenworks-configure or after zman server-restore

  • 7005781
  • 19-Apr-2010
  • 27-Apr-2012


Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3


After running novell-zenworks-configure to modify certificates (due to server DNS name change, expired certificates etc.) or after running zman to restore a server from backup, CASA fails to authenticate.
casa ats server log (External CASA) shows this:

2010-04-07 13:03:03,590 WARN authtoksvc.SessionToken getSecureTokenUtilObj()-
Exception caught, message = Keystore was tampered with, or password was

zenserver log (Embedded CASA) shows this:

2010-04-07 13:03:17,770 INFO [ClientAddr=] Authenticate Rpc,

client logs show this:

[DEBUG] [04/07/2010 21:14:04.480] [1520] [ZenworksWindowsService] [25] []
[CommonCasa] [] [ObtainAuthToken took exception: -939589600 System.Exception:
   at Novell.Casa.Client.Auth.Authtoken.ObtainAuthToken(String sService, String
sHost, WinLuid luid)
   at Novell.Zenworks.Zmd.Common.CasaHelper.ObtainAuthToken(String SessionID,
String RealmName, String


This is fixed in version 10.3.1 - see KB 7006265 "ZENworks Configuration Management 10.3.1 - update information and list of fixes" which can be found at http:\\\support
Workaround for prior version:
NOTE:  For Linux servers, confirm correct ownership of modified files!

Manual Workaround Steps: Path (Windows)

External CASA -

Embedded CASA -
%ZENWORKS_HOME\share\tomcat\webapps\CasaAuthTokenSvc\WEB-INF\classes\ Path (Linux)
External CASA -

Embedded CASA -

Passphrase file Path
Windows - %ZENWORKS_HOME\conf\security\passphrase.txt
Linux - /etc/opt/novell/zenworks/security/passphrase.txt

serverConfig file Path
Windows - %ZENWORKS_HOME\conf\security\serverConfig.xml
Linux - /etc/opt/novell/zenworks/security/serverConfig.xml

Open the Passphrase file and note the password in it. It is a single line file with just the password.

 Open the serverConfig file and note the Alias (contained within <Alias> ...<\Alias> tags)

Edit the files (both external and embedded) and change the following:
  - value to the password noted from passphrase file
  - value to the password noted from passphrase file
  - value to the alias noted from serverConfig file

Restart all services zenloader , zenserver , casa .