The nnm.keystore file does not contain a key matching the SSL alias in the nms-local.properties file.

Document ID:KM03687706
Creation Date:31-Jul-2020
Modified Date:30-Apr-2021
- Micro Focus Products:
  network node manager 2019.11

Summary

The following problem is observed when running nnmcluster -display after updating the certificates in Application Failover Cluster. stop the daemon processes on both clusters: nnmcluster -shutdown -force check for any running daemon process with ps -ef | grep daemon and use kill to terminate them, if any.

Error

Below error is seen both for PKCS12 and JKS types of certificates:

On PKCS12 systems:

nnmcluster –display
Error: The nnm.keystore file does not contain a key matching the SSL alias in
the nms-local.properties file

On JKS systems:

nnmcluster –display
Error: The nnm.keystore file does not contain a key matching the SSL alias in
the nms-local.properties file

Cause

The problem is that when the nnmcluster CLI joins the Jgroup the image of the keystores must be the same as the ones cached by the daemons when they started up. If they are different then they can’t join the cluster.

Fix

To avoid this, do not alter the certificates while the cluster daemon is running.

Before working with the certificates, make sure to:

1. Stop the daemon processes on both clusters: nnmcluster -shutdown -force

2. Check for any running daemon process:

Linux: with ps -ef | grep daemon ; ps -ef | grep cluster and use kill to terminate them, if any.

Windows: Use Task Manager to terminate the cluster daemon process.