CA Identity Portal Connectors Won't Start in Cluster

Document ID : KB000093104
Last Modified Date : 26/04/2018
Show Technical Document Details
Issue:
We have 3 Identity Portal nodes and have made Identity Manager connectors on each. When we start the first one it starts successfully. Leaving this one started, we attempt to start the next 2 connectors on the remaining 2 nodes. These fail to start up. If we shut down the connector on node 1, connector on node 2 will start but now connectors on nodes 1 and 3 will fail. How can we resolve this?
Environment:
IDM Portal: 1.6.2 CR1 CP8(version":"83")
 
Cause:
All Identity Portal servers should share the same keystore file. 
Resolution:
  • This procedure needs to be followed for all application server types (Tomcat, JBoss, WebLogic, WebSphere).
  • This procedure should be performed immediately after the installation of CA Identity Suite is completed and before any configuration is done in the CA Identity Suite Admin Interface.

CA Identity Suite uses a symmetric encryption key to encrypt sensitive values in the configuration store. The encryption key is generated by the CA Identity Suite installer. All nodes in the CA Identity Suite cluster must use the same key.

  1. Locate the sigma keystore file "sigma.keystore" on the first node on which you installed sigma. This is usually located under: "<CA Identity Portal_HOME>\CA Identity Suite\sigma-keystore-tool\sigma.keystore".
  2. Copy that file to all the other nodes, overwriting the files on those nodes (in that same location).
  3. Restart the nodes.