11-02-2020 08:59 AM
During an attempted upgrade from NetBackup 8.1.2 on RedHat Enterprise Linux 7.9 to Netbackup 8.3.0.1, the precheck critical checks fails the check for java_key_store fingerprints with the error:
not_ok: java_key_store: [fingerprint_redacted] fingerprint does not macth any CA/tomcat certificate files. At least one Java Keystore CA fingerprint does not match the RB certificate fingerprint. This test runs when you upgrade the NetBackup master server from 8.0 to 8.1 or later Netbackup version. Check Java Keystore fingerprints (*.jks) for tomcatcreds wsl or credentials. See https://www.veritas.com/support/en_US/article.100045513 for more information.
I followed the steps in that page to recreate the certificates with no errors and still get the same error when I try to upgrade.
Solved! Go to Solution.
12-10-2020 12:55 PM
So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1.
Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.
11-02-2020 11:21 AM - edited 11-02-2020 11:21 AM
11-02-2020 11:45 AM
Will do. It was a pre-update check that caught it so no harm done, but also dont want to be stuck on this version.
11-06-2020 11:57 AM
So is there a place I can go to get help when the community here doesn't answer?
11-06-2020 12:54 PM
You can always open a support ticket assuming you've got active support. TN 100045513 has the best publicly available guidance I know of.
11-17-2020 05:35 AM
Did you check this article https://www.veritas.com/support/en_US/article.100045515 ?
12-07-2020 12:02 PM
I did, I guess I am going to check with technical support. Thanks anyway
12-10-2020 12:55 PM
So what this came down to was the fact that I use the NB Compnent Update utility to keep the JRE updated between releases. This caused the fingerprint to be messed up. I reinstalled the original 8.1.2 and then was able to immediately upgrade to 8.3.0.1.
Janky, but I am at least able to upgrade. If anyone has tips on how to keep the JRE updated between releases in a way that wont break future upgrades would be nice.