AIQUM 集群采集失败，出现 trustanchor 错误

最后更新
另存为PDF

Views:

Visibility:: Public

Votes:: 0

Category:: active-iq-unified-manager

Specialty:: om

Last Updated:

适用于

Active IQ Unified Manager (AIQUM) 9.16 和 9.18
OVA 和 Linux 平台

问题

AIQUM webUI 可用，集群设置页面显示集群绿色，但集群的采集不起作用。
AIQUM 采集服务无法连接，出现 trustanchor 错误。
au.log 显示：
- 2026-03-25 07:53:45,281 INFO [main] c.o.s.a.f.m.CommunicationManager (CommunicationManager.java:420) - Could not communicate with the server; will retry in 10000ms
  
  2026-03-25 07:53:55,281 INFO [main] c.o.s.a.f.m.CommunicationManager (CommunicationManager.java:441) - Attempting to verify server at: https://localhost:443
  
  2026-03-25 07:53:55,286 WARN [main] c.o.s.a.f.m.CommunicationManager (CommunicationManager.java:454) - server unreachable for https://localhost:443 java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
  
  at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[?:?]
  
  at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120) ~[?:?]
  
  at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104) ~[?:?]
  
  at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:99) ~[?:?]
  
  at sun.security.validator.Validator.getInstance(Validator.java:181) ~[?:?]
  
  at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:300) ~[?:?]
  
  at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:176) ~[?:?]
  
  at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:189) ~[?:?]
  
  at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:?]
  
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341) ~[?:?]
  
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232) ~[?:?]
  
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175) ~[?:?]
  
  at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]
  
  at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443) ~[?:?]
  
  at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421) ~[?:?]
  
  at sun.security.ssl.TransportContext.dispatch(TransportContext.java:189) ~[?:?]
  
  at sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?]
  
  at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1511) ~[?:?]
  
  at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1421) ~[?:?]
  
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:456) ~[?:?]
  
  ... 13 more
  
  Wrapped by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
  
  at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:102) ~[?:?]
root@aiqum: file /opt/netapp/essentials/jboss/server/onaro/cert/server.truststore
- - 输出显示 "data" 或其他内容，而不是 "Java Keystore"