10-10-2013 08:04 AM - edited 07-04-2021 01:03 AM
Hi all,
I upgraded MSE today from 7.2.110.0 to 7.5.102.101 using the release notes, after the upgrade I get the following error:
[root@ukgrelg-174-mse init.d]# /etc/init.d/msed start
Starting MSE Platform
Starting Apache HTTPD Server
Starting Health Monitor, Waiting to check the status.
Health Monitor successfully started
ERROR! Apache Service did not startup. Please refer to apache error log under framework logs.
Stopping MSE Platform
ERROR! Apache Service did not startup. Please refer to apache error log under framework logs.
..
MSE platform shutdown complete
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
apache]# tail error_log
[Thu Oct 10 15:49:44 2013] [notice] caught SIGTERM, shutting down
[Thu Oct 10 15:50:00 2013] [error] Password for slot NSS FIPS 140-2 Certificate DB is incorrect.
[Thu Oct 10 15:50:00 2013] [error] NSS initialization failed. Certificate database: /var/mse/certs/nss/.
[Thu Oct 10 15:50:00 2013] [error] SSL Library Error: -8177 The security password entered is incorrect
[Thu Oct 10 15:54:56 2013] [error] Password for slot NSS FIPS 140-2 Certificate DB is incorrect.
[Thu Oct 10 15:54:56 2013] [error] NSS initialization failed. Certificate database: /var/mse/certs/nss/.
[Thu Oct 10 15:54:56 2013] [error] SSL Library Error: -8177 The security password entered is incorrect
[Thu Oct 10 15:58:16 2013] [error] Password for slot NSS FIPS 140-2 Certificate DB is incorrect.
[Thu Oct 10 15:58:16 2013] [error] NSS initialization failed. Certificate database: /var/mse/certs/nss/.
[Thu Oct 10 15:58:16 2013] [error] SSL Library Error: -8177 The security password entered is incorrect
I've ran ]# /opt/mse/framework/bin/CertMgmt.sh and choose "9 show certificate configuration", as I expected this command displays previous certs before my upgrade. Why there are cert password mistmatches in the apache logs I'm not sure why.
10-14-2013 06:33 AM
TAC Engineer solved the problem as below
- /etc/init.d/msed stop
Remove the certificate database
– rm –rf /var/mse/certs/nss
cd /opt/mse/framework/bin/
./installNewCertificateForFIPS.sh
Restart the MSE
- /etc/init.d/msed restart
10-15-2013 01:19 AM
Nice - thanks for sharing.
02-11-2014 05:14 AM
Thanks Stephen for sharing this useful information 5+
Thanks & Regards
Vinay Sharma
Community Manager
02-27-2014 07:40 AM
This is really Useful info...Thanks Stephen !!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide