cancel
Showing results for 
Search instead for 
Did you mean: 

upgrade from 8.1.2 to 8.3.0.1 fails pre-check java_key_store fingerprint check

chriswilkes33
Level 3

During an attempted upgrade from NetBackup 8.1.2 on RedHat Enterprise Linux 7.9 to Netbackup 8.3.0.1, the precheck critical checks fails the check for java_key_store fingerprints with the error:

not_ok: java_key_store: [fingerprint_redacted] fingerprint does not macth any CA/tomcat certificate files. At least one Java Keystore CA fingerprint does not match the RB certificate fingerprint. This test runs when you upgrade the NetBackup master server from 8.0 to 8.1 or later Netbackup version. Check Java Keystore fingerprints (*.jks) for tomcatcreds wsl or credentials. See https://www.veritas.com/support/en_US/article.100045513 for more information.

I followed the steps in that page to recreate the certificates with no errors and still get the same error when I try to upgrade. 

1 ACCEPTED SOLUTION

Accepted Solutions

So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1. 

Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.

View solution in original post

7 REPLIES 7

Genericus
Moderator
Moderator
   VIP   

Please keep us updated, enquiring minds want to know what to watch out for during upgrade!

NetBackup 9.1.0.1 on Solaris 11, writing to Data Domain 9800 7.7.4.0
duplicating via SLP to LTO5 & LTO8 in SL8500 via ACSLS

Will do. It was a pre-update check that caught it so no harm done, but also dont want to be stuck on this version.

So is there a place I can go to get help when the community here doesn't answer?

You can always open a support ticket assuming you've got active support.  TN 100045513 has the best publicly available guidance I know of.

Charles
VCS, NBU & Appliances

Mike_Gavrilov
Moderator
Moderator
Partner    VIP    Accredited Certified

I did, I guess I am going to check with technical support. Thanks anyway

So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1. 

Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.