Forum Discussion

chriswilkes33's avatar
4 years ago

upgrade from 8.1.2 to 8.3.0.1 fails pre-check java_key_store fingerprint check

During an attempted upgrade from NetBackup 8.1.2 on RedHat Enterprise Linux 7.9 to Netbackup 8.3.0.1, the precheck critical checks fails the check for java_key_store fingerprints with the error:

not_ok: java_key_store: [fingerprint_redacted] fingerprint does not macth any CA/tomcat certificate files. At least one Java Keystore CA fingerprint does not match the RB certificate fingerprint. This test runs when you upgrade the NetBackup master server from 8.0 to 8.1 or later Netbackup version. Check Java Keystore fingerprints (*.jks) for tomcatcreds wsl or credentials. See https://www.veritas.com/support/en_US/article.100045513 for more information.

I followed the steps in that page to recreate the certificates with no errors and still get the same error when I try to upgrade. 

  • chriswilkes33's avatar
    chriswilkes33
    4 years ago

    So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1. 

    Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.

  • Please keep us updated, enquiring minds want to know what to watch out for during upgrade!

    • chriswilkes33's avatar
      chriswilkes33
      Level 3

      Will do. It was a pre-update check that caught it so no harm done, but also dont want to be stuck on this version.

      • chriswilkes33's avatar
        chriswilkes33
        Level 3

        So is there a place I can go to get help when the community here doesn't answer?

    • chriswilkes33's avatar
      chriswilkes33
      Level 3

      I did, I guess I am going to check with technical support. Thanks anyway

      • chriswilkes33's avatar
        chriswilkes33
        Level 3

        So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1. 

        Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.