NetWorker: java.io.IOException: Formato de keystore inválido

Summary: Não é possível listar ou modificar os arquivos de keystore do NetWorker AUTHC ou NetWorker Web User Interface (NWUI) usando o java keytool.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

O servidor de autenticação do NetWorker (AUTHC) ou o servidor de interface do usuário da Web do NetWorker (NWUI) incluem o Java Runtime Environment (JRE). Normalmente, isso é facilitado usando o NetWorker Runtime Environment (NRE).

Linux: /opt/nre/java/latest
Windows: C:\Program Files\NRE\java\jre#.#.#_###

Nota: Não há nenhum link simbólico "mais recente" nos hosts Windows. Dependendo de qual versão do NRE está instalada, o caminho do JRE inclui a versão do JRE incluída com a versão do NRE.

Ao usar o keytool para analisar os arquivos de keystore authc/NWUI do NetWorker, um erro Java será exibido:

[root@nsr bin]# keytool -list -keystore /nsr/authc/conf/authc.keystore
 Enter keystore password:
 keytool error: java.io.IOException: Invalid keystore format

Esse erro é exibido mesmo ao executar o keytool diretamente do diretório java bin do NRE.

Arquivos de keystore do servidor do NetWorker:

Linux: 
    • /nsr/authc/conf/authc.keystore
    • /nsr/authc/conf/authc.truststore
    • /opt/nsr/authc-server/conf/authc.truststore
    • /opt/nre/java/latest/lib/security/cacerts
Windows:
    • C:\Program Files\EMC NetWorker\nsr\authc-server\conf\authc.truststore
    • C:\Program Files\EMC NetWorker\nsr\authc-server\tomcat\conf\authc.keystore
    • C:\Program Files\NRE\java\jre##.#_###\lib\security\cacerts
Arquivos do NetWorker Web User Interface (NWUI):
Linux:
    • /nsr/nwui/monitoring/app/conf/nwui.keystore
    • /opt/nre/java/latest/cacerts
Windows:
    • C:\Program Files\EMC NetWorker\nwui\monitoring\app\conf\nwui.keystore
    • C:\Program Files\NRE\java\jre#.#.#_###\lib\security\cacerts

Cause

Há outra versão do Oracle Java Runtime Environment (JRE) instalada no host. A instalação do Oracle JRE está interferindo no NRE.

Resolution

É recomendável usar o NetWorker Runtime Environment (NRE) com os aplicativos do NetWorker. O log de instalação AUTHC do servidor do NetWorker identifica qual "caminho Java" foi usado:

Linux: /opt/nsr/authc-server/logs/install.log 
[root@nsr ~]# cat /opt/nsr/authc-server/logs/install.log | grep "Java Path"
Java Path            Yes        /opt/nre/java/latest
Java Path            Yes        /opt/nre/java/latest
Java Path            Yes        /opt/nre/java/latest
Windows: %LOCALAPPDATA%\Temp\NetWorker_YYYYMMDDHHmmSS_#_AuthC.log 
JAVAHOME = C:\Program Files\NRE\java\jre1.8.0_471
Como alternativa, em um prompt de comando administrativo, execute: 
echo %NSR_JAVA_HOME%
Ou prompt administrativo do PowerShell: 
$env:NSR_JAVA_HOME
Exemplo: 
C:\Users\Administrator.NETWORKER>echo %NSR_JAVA_HOME%
C:\Program Files\NRE\java\jre1.8.0_471

PS C:\Users\Administrator.NETWORKER> $env:NSR_JAVA_HOME
C:\Program Files\NRE\java\jre1.8.0_471


Usar uma variável de linha de comando para forçar keytool uso do NRE:

Nota: Essas variáveis se aplicam somente ao shell ou prompt atual. Assim que a sessão é encerrada, eles são removidos.

Linux:

keytool=/opt/nre/java/latest/bin/keytool

Exemplo:

[root@nsr ~]# keytool=/opt/nre/java/latest/bin/keytool

Execute todos os comandos keytool usando a variável:

[root@nsr ~]# $keytool
Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name

Windows:

Use o comando NSR_JAVA_HOME para executar comandos do NRE bin Diretório.

Exemplo de prompt de comando:

"%NSR_JAVA_HOME%\bin\keytool.exe" OPTIONS

Exemplo do PowerShell:

& "$env:NSR_JAVA_HOME\bin\keytool.exe" OPTIONS
Exemplos: 
C:\Users\Administrator.NETWORKER>"%NSR_JAVA_HOME%\bin\keytool.exe"
Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name
.............................................................................................................................................................................
PS C:\Users\Administrator.NETWORKER> & "$env:NSR_JAVA_HOME\bin\keytool.exe"
Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name

 

Se o NetWorker usar o NetWorker Runtime Environment (NRE) e outro Oracle Java Runtime Environment (JRE) estiver instalado, remova o pacote Oracle JRE.

Linux:

ADVERTÊNCIA: Se o servidor for um NetWorker Virtual Edition (NVE), não remova o pacote JRE do Oracle.
  1. Verifique se há outra instalação do JRE, os seguintes comandos podem ser usados: no entanto, consulte o administrador do sistema Linux:
rpm -qa --last | grep jre
find / -name java -type f
/opt/nre/java/jreX é o ambiente de execução do NetWorker; No entanto, outros pacotes podem aparecer: 
/etc/alternatives
/usr/bin/java
/usr/lib/jreX
  1. Se outro pacote do JRE estiver instalado, consulte o administrador do sistema Linux se ele puder ser removido.
rpm -e package_name

Windows: 

  1. Abra o Painel de Controle do Windows -> Programas e Recursos.
  2. Analise a lista para conhecer um pacote do Oracle Java Runtime Environment (excluindo o NetWorker Runtime Environment).
  3. Se o Oracle Java Runtime Environment estiver instalado, consulte o administrador do sistema Windows se ele puder ser removido.
  4. Desinstale o Oracle Java Runtime Environment do sistema.
  5. Abra uma nova sessão do prompt de comando para executar comandos keytool depois que o Oracle JRE for removido.

Additional Information

Affected Products

NetWorker

Products

NetWorker Family
Article Properties
Article Number: 000297934
Article Type: Solution
Last Modified: 05 Mar 2026
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.