Sailpoint URL is not accessible

fghafour · October 22, 2023, 9:48am

Suddenly Sailpoint URL is not accessible.
stderr log file
Logs file thorwing this error:
2023-10-22 12:40:55 Apache Commons Daemon procrun stderr initialized.
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name: Apache Tomcat/9.0.68
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Oct 3 2022 19:06:10 UTC
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.68.0
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Windows Server 2019
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 10.0
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: C:\Program Files\Java\jdk1.8.0_271\jre
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0_271-b09
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Oracle Corporation
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: C:\sailpoint tomcat
22-Oct-2023 12:40:56.320 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: C:\sailpoint tomcat
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=C:\sailpoint tomcat
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=C:\sailpoint tomcat
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=C:\sailpoint tomcat\temp
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=C:\sailpoint tomcat\conf\logging.properties
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: exit
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: abort
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xms2048m
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xmx4096m
22-Oct-2023 12:40:56.335 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [C:\sailpoint tomcat\bin;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Program Files\Java\jdk1.8.0_271\jre\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files\Java\jdk1.8.0_271\bin;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn;C:\Program Files\Azure Data Studio\bin;C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent;C:\Program Files\WindowsPowerShell\Scripts;C:\sailpoint tomcat\bin;C:\Program Files\Java\jdk1.8.0_271;C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WindowsApps;.]
22-Oct-2023 12:40:56.975 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler [“https-jsse-nio-8443”]
22-Oct-2023 12:40:57.413 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1051)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1045)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
Caused by: java.lang.IllegalArgumentException: Cannot obtain resource for specified location [C:\Users\iamdev\Desktop\Newfolder\Quara_IAM]: no readable file, classloader resource, or this is not a resolvable URI
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:235)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1227)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1240)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:606)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:77)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1048)
… 13 more
Caused by: java.io.IOException: Cannot obtain resource for specified location [C:\Users\iamdev\Desktop\Newfolder\Quara_IAM]: no readable file, classloader resource, or this is not a resolvable URI
at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getResource(CatalinaBaseConfigurationSource.java:112)
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:199)
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:207)
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:283)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
… 20 more
22-Oct-2023 12:40:57.413 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [1437] milliseconds
22-Oct-2023 12:40:57.475 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
22-Oct-2023 12:40:57.475 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.68]
22-Oct-2023 12:40:57.491 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [C:\sailpoint tomcat\webapps\docs]
22-Oct-2023 12:40:57.772 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [C:\sailpoint tomcat\webapps\docs] has finished in [281] ms
22-Oct-2023 12:40:57.772 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [C:\sailpoint tomcat\webapps\identityiq]
22-Oct-2023 12:41:37.585 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [C:\sailpoint tomcat\webapps\identityiq] has finished in [39,813] ms
22-Oct-2023 12:41:37.585 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [C:\sailpoint tomcat\webapps\manager]
22-Oct-2023 12:41:37.632 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [C:\sailpoint tomcat\webapps\manager] has finished in [47] ms
22-Oct-2023 12:41:37.632 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [C:\sailpoint tomcat\webapps\ROOT]
22-Oct-2023 12:41:37.679 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [C:\sailpoint tomcat\webapps\ROOT] has finished in [47] ms
22-Oct-2023 12:41:37.694 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [40272] milliseconds

Remold · October 22, 2023, 10:35am

It looks like it has been started while logged in as user iamdeb.

Tomcat is complaining about not able to open: C:\Users\iamdev\Desktop\Newfolder\Quara_IAM

Are you normally running tomcat as a Windows service?

Can you do a search in all Tomcat config files for the folder mentioned above?

— Remold

Remold · October 22, 2023, 8:57pm

To be more precise: look at the value of keystoreFile within file C:\sailpoint tomcat\conf\server.xml.

For more information loog at the documentation for the Tomcat Configuration File.

– Remold

fghafour · October 24, 2023, 11:03am

Thanks Remold for your response.

This path “C:\Users\iamdev\Desktop\Newfolder\Quara_IAM”, it is certificateKeystoreFile Location path in server.xml file of Tomcat.

Remold · October 24, 2023, 11:42am

Are you running Tomcat as user iamdev ? If not, you should place the certificate in another directory which is accessible by the user who is running Tomcat.

– Remold

Victor_Nava · October 24, 2023, 12:11pm

Next to @Remold’s comment, Which version of IIQ are you using? I strongly recommends you to upgrade your java version to JDK11 or JDK17 depending on which IIQ version are you using.

Remold · October 29, 2023, 6:59pm

@fghafour Do you have any update? Is your issue resolved?

– Remold

fghafour · November 19, 2023, 11:55am

Hi,
Thanks for your response @Remold
The issue was with user permissions. Tomcat started with user having administrative privileges and started working fine.

Remold · November 19, 2023, 6:08pm

It is not a security best practice to start the Tomcat with a user having administrator privileges. See the ’ Secure Operating System’ of the white paper ‘IdentityIQ Secure Deployment Guide’

The best option is to store the Tomcat HTTPS certificate in a directory which is accessible by the non-administrative user which is to start/run Tomcat (and not C:\Users\iamdev\Desktop\Newfolder\Quara_IAM).

For more information loo at the documentation for the Tomcat Configuration File

– Remold

system · January 18, 2024, 6:09pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Log4J Denial of Service (DoS) Vulnerability (CVE-2021-45105) update - December 18, 2021 Security Updates	0	1829	December 18, 2021
Failing load ITRoles -- Uncaught JAX-RS exception IIQ Discussion and Questions	7	5235	July 19, 2023
The system has encountered a serious error while processing your request. Report the following incident code to your system administrator : 45039687 IIQ Discussion and Questions identityiq	6	806	October 5, 2024
Error message in tomcat IIQ Discussion and Questions	2	868	July 19, 2023
SailPoint SaaS Services Response to log4j Remote Code Execution Vulnerability ISC Discussion and Questions	13	4394	July 19, 2023

Sailpoint URL is not accessible

Related topics