Provisioning Server service does not start - error code 21

Document ID : KB000006423
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

After rebooting Provisioning Server machine or restart all DSAs and Provisioning Server, the Provisioning Server service does not start.

From Service window we have the error message:

"error code 21"

Environment:
Identity Manager 12.x
Cause:

Checking the im_ps.log file we have the messages:

[14:21:06.078:00000B38] reading config file D:\Program Files (x86)\CA\Identity Manager\Provisioning Server\data\tls\server\fips.conf

TLS: can't connect.

[14:21:09.218:00000B38] backend_startup: bi_db_open 0 failed!

[14:21:09.265:00000B38] slapd stopped.

[14:21:09.265:00000B38] connections_destroy: nothing to destroy.

 

Checking the <hostname>-impd-main.dxc file under DX_HOME\config\ssld\personalities

The "Not After" line we saw that it was expired.

i.e Not After : Feb 22 19:28:51 2017 GMT

 

Resolution:

As the certificate are expired we must re-create all DSAs certificates.

 

1. Backup your DX_HOME\config\ssld folder

2. Stop all Connector Servers C++ and Java

3. Stop all DSAs running "dxserver stop all"

4. From DX_HOME\config\bin run the command 

       dxcertgen -d <Number_of_Days> certs

       i.e dxcertgen -d 3650 certs       it will generate new certificates valid for 10 years

5. Start all DSAs running "dxserver start all"

6. Start both Connector Servers C++ and Java

7. Start Provisioning Server service