Skip Ribbon Commands
Skip to main content
Navigate Up
Sign In

Quick Launch

Average Rating:

facebook Twitter
Email
Print Bookmark Alert me when this article is updated

Feedback

ERROR: "The infa_truststore.jks file cannot be found" when Platform scanner fails for a TLS enabled domain in EDC
Problem Description
In Enterprise Data Catalog (EDC), Platform scanner fails for a TLS enabled domain with the following error:

2018-11-01 12:18:08,902 [ExecuteThread-{Task_Test_Infa_Resource_BDMScanner_CORE}] INFO  com.infa.products.ldm.scanners.mrsscanner.extraction.InfacmdUtil- Executing COMMAND :/app/user/hadoop/yarn/local/usercache/svcinfmqat/filecache/68/MRS_INFACMD_10.2.1.zip/InfaCmd/isp/bin/infacmd.sh DIS listApplications -da hostname:6005 -sdn Native -un administrator -pd *********** -sn DIS_SERVICE_NAME
2018-11-01 12:18:11,681 [ExecuteThread-{Task_Test_Infa_Resource_BDMScanner_CORE}] ERROR com.infa.products.ldm.scanners.mrsscanner.extraction.InfacmdUtil- Error occurred when getting all deployed applications: [ICMD_10033] Command [listApplications] failed with error [[DsCore_10060] Internal error: [[SSLUtil_0002] The status of Kerberos authentication and secure communication in the domain cannot be determined because of the following error: [SSLUtil_0001] Internal error. Secure communication failed because of the following SSL error: [SSLUtil_0004] The infa_truststore.jks file cannot be found. The truststore file must be in JKS format and must contain a certificate in PKCS12 format.. Contact Informatica Global Customer Support.]. Contact Informatica Global Customer Support.].
2018-11-01 12:18:11,681 [ExecuteThread-{Task_Test_Infa_Resource_BDMScanner_CORE}] ERROR com.infa.products.ldm.scanners.mrsscanner.MRSScannerExecutor- com.infa.products.ldm.scanners.exceptions.MRSScannerException: java.lang.Exception: [ICMD_10033] Command [listApplications] failed with error [[DsCore_10060] Internal error: [[SSLUtil_0002] The status of Kerberos authentication and secure communication in the domain cannot be determined because of the following error: [SSLUtil_0001] Internal error. Secure communication failed because of the following SSL error: [SSLUtil_0004] The infa_truststore.jks file cannot be found. The truststore file must be in JKS format and must contain a certificate in PKCS12 format.. Contact Informatica Global Customer Support.]. Contact Informatica Global Customer Support.].
Cause
​This issue occurs if INFA_TRUSTSTORE and INFA_TRUSTSTORE_PASSWORD environment variables (or JVM options) are not configured in the resource configuration.


Solution
For running Scanner for TLS-enabled Informatica Platform resource, copy infa_truststore.jks file from the DIS server machine (which you are scanning) to all the Hadoop nodes, and then add the following JVM options in the resource configuration in LDM Admin UI.

-DINFA_TRUSTSTORE=location_of_infa_truststore_on_hadoop_machine_but_not_file_name -DINFA_TRUSTSTORE_PASSWORD="encrypted_password_in_double_quotes"

Example

   -DINFA_TRUSTSTORE=/opt/Informatica/truststoreLocation -DINFA_TRUSTSTORE_PASSWORD="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

To get the encrypted password, go to INFA_HOME/server/bin directory on DIS server machine (which you are trying to scan) and run the following command:

          export LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH
          ./pmpasswd UNENCRYPTED_PASSWORD

Also, ensure to add the INFA_TRUSTSTORE, INFA_TRUSTSTORE_PASSWORD in the YARN environment variables. ​
More Information
Applies To
Product: Enterprise Data Catalog
Problem Type: Configuration
User Type: Administrator
Project Phase: Configure
Product Version: Enterprise Data Catalog 10.2.1; Enterprise Data Catalog 10.2.1 Update 1
Database:
Operating System:
Other Software:

Reference
Attachments
Last Modified Date:7/1/2020 2:22 AMID:565770
People who viewed this also viewed

Feedback

Did this KB document help you?



What can we do to improve this information (2000 or fewer characters)