Updated SSL certificate and am now getting 'Startup Error An error occurred during system startup'

Matthew Jones shared this question 5 months ago
Completed

I've updated our SSL certificate and i'm now getting 'Startup Error

An error occurred during system startup. Please have your system administrator check the database connection settings. More information is available in the system logs.'

I can't see an obvious issue in the logs. Has anyone had problems after updating the SSL certificate? We're running on version 8.5, but no other changes have been made and the sytem was running fine until the change of SSL server.

Replies (12)

photo
1

Hi Matthew,

Please could you submit a set of logs from Yellowfin. They're found in the yellowfin/appserver/logs folder.

We do have a troubleshooting article for SSL problems - https://community.yellowfinbi.com/knowledge-base/article/tips-for-troubleshooting-ssl-issues

As it mentions, there may be a problem with the configuration of the server.xml or web.xml if you're running into start up issues. Did the name of the certificate change? Was the new certificate imported into the Java trust store?

Kind regards,

Chris

photo
1

Thanks for the reply Chris. Attached is the catalina log file. Which others do you need to see?

photo
1

Here is the yellowfin log.


Our issue started yesterday after 8pm 24/6/2024 (UK), after our SSL certificate was swapped out for a new one. The name did change, but was updated in the server.xml

photo
1

Hi Matthew,

This appears to be a Tomcat error rather than a Yellowfin error and it sounds like you might be running into a bug :

https://stackoverflow.com/questions/40512983/tomcat-8-ssl-session-id-not-available

There is a mentioned fix in the Stackoverflow article

  • Add an explicit SSLHostConfig element and include disableSessionTickets="true" to disable session tickets
  • Set sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation" on the Connector to use JSSE for TLS rather than OpenSSL

Let me know if that helps at all.

Kind regards,

Chris

photo
1

I did see that article and tried adding the disableSessionTickets="true" to the connection, but the error persists, so i wonder if this isn't actually the issue. Have you looked at the logs and you can see no other issues? If this was the problem, i don't see why it would have worked fine with the previous SSL certificate and only just started to be a problem now.

Thanks for your help so far.

photo
1

Hi Matthew,

Looking at the Yellowfin.log file, it contains entries from the 24th, rather than the 25th in the catalina.log.

In there, I'm seeing errors connecting to the database:

YF:2024-06-24 22:12:21: INFO (DBConnectionManager:init) - DBConnectionManager shutting down
YF:2024-06-24 22:12:21: INFO (DBConnectionManager:init) - DBConnectionManager completed shutdown
YF:2024-06-24 22:12:21: INFO (hofStartup:initServlet) - === hofStartup Starting Up ===
YF:2024-06-24 22:12:21:ERROR (DBAction:A) - Error occurred when connecting to the database: java.lang.NullPointerException
java.lang.NullPointerException
at com.hof.pool.DBConnectionManager.A(DBConnectionManager.java:461)
at com.hof.pool.DBConnectionManager.getConnection(DBConnectionManager.java:296)
at com.hof.util.DBAction.<init>(DBAction.java:334)
at com.hof.util.DBAction.<init>(DBAction.java:447)
at com.hof.util.DBAction.<init>(DBAction.java:389)
at com.hof.process.BuildDataProcess.A(BuildDataProcess.java:58)
at com.hof.process.BuildDataProcess.getBuildData(BuildDataProcess.java:78)
at com.hof.servlet.hofStartup.init(hofStartup.java:63)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1183)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1099)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:989)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4931)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5241)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:630)
at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1842)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
YF:2024-06-24 22:12:21:ERROR (BuildDataProcess:init) - Error: com.hof.util.ActionErrorsException: DBAction constructor exception
YF:2024-06-24 22:12:21:ERROR (BuildDataProcess:init) - Error: java.lang.NullPointerException
YF:2024-06-24 22:12:21:ERROR (DBAction:<init>) - Error occurred when connecting to the database: java.lang.NullPointerException
java.lang.NullPointerException
at com.hof.pool.DBConnectionManager.A(DBConnectionManager.java:461)
at com.hof.pool.DBConnectionManager.getConnection(DBConnectionManager.java:296)
at com.hof.util.DBAction.<init>(DBAction.java:334)
at com.hof.util.DBAction.<init>(DBAction.java:447)
at com.hof.util.DBAction.<init>(DBAction.java:402)
at com.hof.util.RefCodeList$_C.<init>(RefCodeList.java:164)
at com.hof.util.RefCodeList$_C.<init>(RefCodeList.java:137)
at com.hof.util.RefCodeList.initialise(RefCodeList.java:689)
at com.hof.servlet.hofStartup.init(hofStartup.java:111)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1183)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1099)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:989)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4931)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5241)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:630)
at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1842)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

It seems like it's not entirely related to the SSL problems. Yellowfin should still be able to start when the SSL settings aren't configured correctly, you just wouldn't be able to connect to the URL. Are you able to connect to the Yellowfin database from the Yellowfin host with a database management program like DBViz, SQL Workbench, etc.?

You may need to look at rolling back the server to before the certificate was added, check everything starts and then add the new certificate again.

Kind regards,

Chris

photo
1

Hi Matthew,

Hope you're having a good week.

Just wanted to check-in and see how it's all going. Is there anything you are needing from me to help get this resolved?

Kind regards,

Chris

photo
1

I'm still struggling to get things up and running, I've tried restoring back to before the SSL certificate update, but i'm still getting the same problem. I'm trying to troubleshoot the DB connection, but i can't see what the issue is.

photo
1

Hi Matthew,

Are you able to connect to the database from a different database application present on the same server? If we can isolate it to Yellowfin that at least tells us it's not a general networking or environmental problem.

In the yellowfin.log file, are you still seeing that null pointer error?

Kind regards,

Chris

photo
1

Hi Matthew,

Hope you're having a good week.

Just wanted to check-in and see how it's all going. Is there anything you are needing from me to help get this resolved?

Kind regards,

Chris

photo
1

Hi Matthew,


I hope things are going well with you.


Just wanted to let you know I'll be closing this request due to inactivity. However, if you ever wanted to re-visit this or have anything else I can help you with, please let me know.


Kind regards,

Chris

photo
1

It seems the updated SSL certificate might not be properly configured or compatible with your database connection settings. Double-check the SSL settings in your server configuration, ensure the Pokerogue certificate chain is complete, and verify if the database requires specific SSL parameters. It could also help to clear the cache or restart the server to apply the new settings.

Leave a Comment
 
Attach a file