Login Enterprise 4.6.5 - HTTP ERROR 500

identityserver container which runs as user loginenterprise (uid=999) in 4.6.5 is unable to write a new data protection key/cert (renews every 3 months) to the /loginvsi/settings/dataprotection folder if the folder was previously created by root user (prior to 4.6.5).

mceclip0.png

This results in a HTTP ERROR 500 response when browsing the Enterprise web console.

mceclip1.png

Customers will begin to run into this issue when their existing data protection key/cert expires and the identityserver container is restarted.

mceclip2.png

mceclip3.png

The solution is to give folder ownership of /loginvsi/settings/dataprotection to user loginenterprise (uid=999) and restart the identityserver container. You can use the following command to change the ownership of the folder.

chown -R 999:loginenterprise /loginvsi/settings/dataprotection