Unable to validate WAAE server in WCC Configuration tab after upgrade to 11.3.6 SP8 CUM1
Article ID: 191443
Updated On:
Products
CA Workload Automation AE - Scheduler (AutoSys)
CA Workload Automation AE
Issue/Introduction
Applied Sp8 Cum 1 and now the WCC Configuration tab wont validate the scheduler. It times out.
This is the error message
I will attach the sp8cum1 install log
This is the error message
I will attach the sp8cum1 install log
Environment
Release : 11.3.6
Component : CA Workload Automation AE (AutoSys)
Resolution
Customer upgraded WAAE to 11.3.6 SP8 CUM1 and as result was unable to validate the AE server in the WCC Configuration panel.
Review of the web server log showed errors that were related to SSL.
DER length more than 4 bytes
Steps to resolve:
- Shutdown WAAE web server.
- Modify the server.xml file for the WAAE webserver to use JKS instead of BCKS for the webserver port
=-=-=-=-=-=-=-=-=-=-=-= ORIGINAL FILE =-=-=-=-=-=-=-=-=-=-=-=
<Connector port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" acceptCount="100"
keystoreType="BCFKS"
keystoreFile="/opt/CA/WorkloadAutomationAE/autouser.SAB/webserver/conf/.keystore"
keystorePass="changeit"
maxThreads="400" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" relaxedQueryChars="|<>"
ciphers="SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" />
=-=-=-=-=-=-=-=-=-=-=-= UPDATED FILE =-=-=-=-=-=-=-=-=-=-=-=
<Connector port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" acceptCount="100"
keystoreType="JKS"
keystoreFile="/opt/CA/WorkloadAutomationAE/autouser.SAB/webserver/conf/.keystore"
keystorePass="changeit"
maxThreads="400" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" relaxedQueryChars="|<>"
ciphers="SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" />
- Start the WAAE Webserver.
- Validate the server. If it validates successfully, check the Agent Inventory to ensure that data is being pulled for the agents.
- If Agent Inventory is blank, then we need to delete the WAAE server from the configuration and redefine it.
- After redefining the server, log out, and log back in to WCC.
- Navigate to Agent Inventory and you should now see the agents listed.
This addresses the issue.
Review of the web server log showed errors that were related to SSL.
DER length more than 4 bytes
Steps to resolve:
- Shutdown WAAE web server.
- Modify the server.xml file for the WAAE webserver to use JKS instead of BCKS for the webserver port
=-=-=-=-=-=-=-=-=-=-=-= ORIGINAL FILE =-=-=-=-=-=-=-=-=-=-=-=
<Connector port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" acceptCount="100"
keystoreType="BCFKS"
keystoreFile="/opt/CA/WorkloadAutomationAE/autouser.SAB/webserver/conf/.keystore"
keystorePass="changeit"
maxThreads="400" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" relaxedQueryChars="|<>"
ciphers="SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" />
=-=-=-=-=-=-=-=-=-=-=-= UPDATED FILE =-=-=-=-=-=-=-=-=-=-=-=
<Connector port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" acceptCount="100"
keystoreType="JKS"
keystoreFile="/opt/CA/WorkloadAutomationAE/autouser.SAB/webserver/conf/.keystore"
keystorePass="changeit"
maxThreads="400" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" relaxedQueryChars="|<>"
ciphers="SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" />
- Start the WAAE Webserver.
- Validate the server. If it validates successfully, check the Agent Inventory to ensure that data is being pulled for the agents.
- If Agent Inventory is blank, then we need to delete the WAAE server from the configuration and redefine it.
- After redefining the server, log out, and log back in to WCC.
- Navigate to Agent Inventory and you should now see the agents listed.
This addresses the issue.
Feedback
Yes
No
Powered by
