Symantec Access Management

Tech Tip : CA Single Sign-On : Running AdminUI, when trying to import a simple certificate, AdminUI reports an error

  • 1.  Tech Tip : CA Single Sign-On : Running AdminUI, when trying to import a simple certificate, AdminUI reports an error

    Posted 04-23-2019 10:04 AM

    Issue:

     

    We're running running an AdminUI, when we try to import a simple
    certificate, AdminUI reports an error :

     

    Error: System error while attempting to import: One or more
    exceptions trying to commit keystore changes. Please consult the logs.

     

    Cause:

     

    Looking at the CDS log and the AdminUI log, we see that already a
    certificate with the same subject exists :

     

    cds.log

     

    [Apr 23 2019 10:23:02,060] CertificateDataStore [ERROR]
    CertificateDataStoreImpl.addCertificateToDB(): The certificate
    already exists in the Certificate Data Store with alias
    "my_test_sign". Cert Subject:
    CN=mytest,O=sign,ST=myState,C=myCountry Cert Serial Number: 00

     

    server.log

     

    2019-04-23 10:23:02,060 [ERROR] 

    com.ca.fedpki.api.remote.FedPkiKeyStore [] - **ERROR**
    java.security.cert.CertificateException commiting keystore change for
    alias my_test_sign_new.
    java.security.cert.CertificateException: Could
    not add certificate 'my_test_sign_new' (check logs for reason)

    Resolution:

     

    In the AdminUI, remove the old certificate. Then add the new
    certificate.

     

    KB : KB000131227