Solutions

Unable to parse product versions for comparison error after restarting AM/OpenAM (All versions)

Last updated Nov 22, 2019

The purpose of this article is to provide assistance if you encounter "Unable to parse product versions for comparison" error in a non-upgrade scenario. Typically this occurs after restarting the web application container (for example, Apache Tomcat™) in which AM/OpenAM runs.


Symptoms

The AM/OpenAM server does not start after restarting the web application container or you cannot log in to the console.

An error similar to the following is shown in the web application container log (for example, catalina.out for Tomcat) when this happens:

amUpgrade:09/10/2019 03:48:28:285 PM BST: Thread[http-nio-8180-exec-4,5,main]: TransactionId[023449de-60cf-49fd-fa18-965a4853b1b97-1]
ERROR: Unable to parse product versions for comparison; Current: null war: ForgeRock Access Management 6.5.1 Build 24e379e3e1 (2019-April-05 09:02)
org.forgerock.openam.upgrade.UpgradeException: Unable to parse product versions for comparison. Current: null war: ForgeRock Access Management 6.5.1 Build 24e379e3e1 (2019-April-05 09:02)

You may also see the following in the web application container log just before the "Unable to parse product versions for comparison" error:

amSetupServlet:09/10/2019 03:47:01:588 PM BST: Thread[localhost-startStop-1,5,main]: TransactionId[023449de-60cf-49fd-fa18-965a4853b1b97-0]
ERROR: AMSetupServlet.checkConfigProperties
java.io.IOException: Can't open boot keystore
   at com.sun.identity.setup.BootstrapData.readBootJson(BootstrapData.java:165)
   at com.sun.identity.setup.BootstrapData.<init>(BootstrapData.java:132)
   at com.sun.identity.setup.AMSetupServlet.checkConfigProperties(AMSetupServlet.java:332)
   at com.sun.identity.setup.AMSetupServlet.init(AMSetupServlet.java:215)
...
Caused by: java.security.KeyStoreException: Exception trying to fetch key with alias dsameUserPwd
   at org.forgerock.openam.utils.AMKeyProvider.getSecret(AMKeyProvider.java:564)
   at com.sun.identity.setup.BootstrapData.readBootJson(BootstrapData.java:162)
   ... 19 more

Recent Changes

Restarted the web application container in which AM/OpenAM runs.

Modified the keystore. 

Imported a certificate into the truststore used by AM/OpenAM.

Enabled SSL for existing AM/OpenAM installation. 

Causes

AM cannot connect to the configuration store. This can happen for a number of reasons, including (but not limited to):

  • Certificate files are missing, corrupt or contain out-of-date information.
  • SSL is not configured properly and is failing. 
  • AM/OpenAM URL has not been updated in the boot.json file to reflect the scheme change from HTTP to HTTPS after enabling SSL for an existing installation. 
  • The configuration store is not up and running.
Note

There are two other known causes for this error that can occur when you try to upgrade AM/OpenAM to a later version:

Solution

This issue can be resolved by restoring the connection to the configuration store as follows depending on your cause:

See Also

AM/OpenAM (All versions) upgrade fails when com.iplanet.am.version is empty or corrupted

LDAP connection fails with No subject alternative DNS name matching error in AM 5.1.x, 6.x and DS 5.5.1, 5.5.2, 6.x

How do I import a certificate into the truststore used by AM/OpenAM (All versions) for SSL?

Attempting to access AM/OpenAM (All versions) fails with ConfigurationException: Configuration store is not available

Setup and Maintenance Guide › Setting Up Keys and Keystores

Related Training

N/A

Related Issue Tracker IDs

OPENAM-14771 (Multi Server deployment documentation is unclear if using the default keystore.jceks)

OPENAM-12598 (Replacing the keystore.jceks file from a previous deployment without the storepass file will result in a version parsing error - which could be more descriptive)



Copyright and TrademarksCopyright © 2019 ForgeRock, all rights reserved.

Recommended Books

Loading...