After updating the certificates for RSA Identity Governance & Lifecycle, WildFly reports error: JBAS015299: The KeyStore /home/oracle/keystore/aveksa.keystore does not contain any keys.
Originally Published: 2018-11-14
Article Number
Applies To
RSA Product/Service Type: Appliance
RSA Version/Condition: 7.0.0 and above
Issue
On examination, the following error is found in the WildFly log file: server.log.
2018-11-12 12:13:01,200 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.server.controller.management.security_realm.AveksaRealm.key-manager: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.AveksaRealm.key-manager:
JBAS015299: The KeyStore /home/oracle/keystore/aveksa.keystore does not contain any keys.
When the /home/oracle/keystore/aveksa.keystore file is examined, the following results are returned.
# keytool -list -alias server -keystore aveksa.keystore Enter keystore password: server, Nov 7, 2018, trustedCertEntry, ...NOTE: The recommended password for the aveksa.keystore is: Av3k5a15num83r0n3
Cause
This is why WildFly reports that the file does not contain any keys.
This can occur if the "server" alias is replaced by a certificate.
Certificates are of Entry type: trustedCertEntry
Resolution
This is because the Private Key entry in the aveksa.keystore is missing and needs to be re-generated.
Step 2 from article 30130 is as follows.
keytool -genkeypair -keysize 2048 -alias server -keyalg RSA -keystore my.keystore -dname "CN=rsa-img.rsa.com" -ext san=dns:rsa-img.rsa.com,dns:rsa-imgThis creates a new keystore file, with the "server" alias that is of Entry type: PrivateKeyEntry
Notes
Related Articles
Update freezes when updating from RSA Authentication Manager 8.3 to Authentication Manager 8.3 patch 6 Number of Views RSA MFA Agent for Windows fails to authenticate with Authentication Manager due to "Error in Server certificate validation… Number of Views A more concise guide to updating Authentication Manager 8.x passwords Number of Views Logging on to security console is very slow after updating to AM 8.5 Number of Views Updating RSA SecurID Access SSL portal certificate can break Authenticate App tokencode - Authentication Manager integration Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor…
Don't see what you're looking for?
