Problem

-- After installing 7.4.1 SP1 onto a gateway running in FIPS mode, the nodemanager and instance fail to start with errors similar to the following:

axway@apigateway-instance-741:/Axway/apigateway/posix/bin> ./nodemanager -d
Starting in FIPS mode, checking license... valid
java.lang.ExceptionInInitializerError
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:264)
at com.vordel.jce.adapters.entrust.EntrustJCEAdapter.isAvailable(EntrustJCEAdapter.java:59)
at com.vordel.jce.JCEProvider.getAdapter(JCEProvider.java:33)
at com.vordel.jce.JCEProvider.initialize(JCEProvider.java:87)
at com.vordel.dwe.Service.<clinit>(Service.java:221)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Caused by: java.lang.SecurityException: Self-Integrity Check FAILED
at com.entrust.toolkit.security.provider.g.a(Unknown Source)
at com.entrust.toolkit.security.provider.Initializer.checkToolkitIntegrity(Unknown Source)
at com.entrust.toolkit.security.provider.Entrust.<init>(Unknown Source)
at com.entrust.toolkit.security.provider.Entrust.<clinit>(Unknown Source)
... 8 more
Caused by: java.lang.SecurityException: META-INF/MANIFEST.MF is not signed by the specified signer.
at com.entrust.toolkit.security.provider.c.a(Unknown Source)
... 12 more
service failed to start

Resolution

* FIPS mode must be temporarily disabled prior to installing SP1. Run togglefips to turn FIPS mode off, then start the nodemanager so that the FIPS JARs are moved to the correct locations. Then you can install SP1 according to the release notes. After installation, you can once again togglefips and start up to have it move the JARs.