identityserver container which runs as user loginenterprise (uid=999) in 4.6.5 is unable to write a new data protection key/cert (renews every 3 months) to the /loginvsi/settings/dataprotection folder if the folder was previously created by root user (prior to 4.6.5).
This results in a HTTP ERROR 500 response when browsing the Enterprise web console.
Customers will begin to run into this issue when their existing data protection key/cert expires and the identityserver container is restarted.
The solution is to give folder ownership of /loginvsi/settings/dataprotection to user loginenterprise (uid=999) and restart the identityserver container. You can use the following command to change the ownership of the folder.
chown -R 999:loginenterprise /loginvsi/settings/dataprotection
Comments
1 comment
We did have 500 error but we were locked out of our appliance. We had to revert to snapshot to get around that issue. The issue you are stating in this article is actually a 400 error. The changing of ownership of the folder fixed our 400 error.
This page isn’t working
If the problem continues, contact the site owner.
HTTP ERROR 400
Please sign in to leave a comment.