Product/components used and version/fix level:
webMethods Softwareag 10.15 Universal Messaging and 10.15 Integration Server
Universal messaging fix: 10.15 fix 14
Integration Server fix: 10.15 fix 8
Detailed explanation of the problem:
The universal messaging 10.15 is not secured.While I am trying to secure it using default keystore.jks and platform_truststore.jks provided in IS 10.15 path /opt/softwareag/common/conf. I am getting proper response with a password with keytool command for keystore and truststore file.But when I pass the same password in the 10.15 UM servercommon.conf file ,I endup getting below error for keystore:
Java.io.exception keystore was tampered with or password was incorrect.
Which then produces below error:
Could not start nhps://0.0.0.0:port keystore was tampered with or password incorrect.
Pls note that port details are correctly configured.
Please note that my password is absolutely correct,as confirmed when i fetch the keystore from kubernetes pod it responds with the password I have configured.
I do not have enterprise manager.Can that be an issue.I am performing all the activities using servercommon.conf file from CLI.
Please help me resolve this error.
Thanks in advance!!
Error messages / full error message screenshot / log file:
Question related to a free trial, or to a production (customer) instance?
If you can connect enterprise manager or use UM Tools it maybe be best to configure the interface directly as the start up script for interfaces is only for the initial startup and after that you need to use tooling to update configuration.
By default the interface would configure mTLS/Two Way SSL which means you need keystores and trust stores configured.
If you wish to use UM Tools, I suggest looking at using the ‘ListInterfaces’ and ‘ModifyInterface’ tools, to see some doc on the tools see UM Tools
Hi Joshua,
Firstly I thank you for your response.
I have now secured universal messaging using enterprise manager UI by entering nhps port details and keystore details.
Further I am trying to change the default keystore truststore to customized for my environment to make it safer.
I have followed the below document to make customized keystore:
Changing the default softwareag runtime keystore and truststore
Available on SAG documentation.
Using the newly created keystore I am successfully able to secure integration server https port but when I try to secure UM using it I get below error:
Java.security.UnrecoverableKeyException , unable to recover key from keystore.jks .
Kindly help!!
No problems,
It sounds like the password is incorrect somehow, perhaps double check the passwords for the keystore and alias are correct and that EM did update them.
If that doesnt work it may be best to raise a Support incident so our support team can step through the process with you.
Regards
Joshua