After enabling the SSL on the OneClick web server with a self-signed certificate, the Spectrum Data Source test fails in the Performance Management Portal.
These two files in the OneClick web server are properly configured:
$SPECROOT/tomcat/conf/server.xml file
$SPECROOT/tomcat/webapps/axis2/WEB-INF/conf/axis2.xml file
You can set either HTTP, or HTTPS, or both in the axis2.xml file:
<transportReceiver name="http"
class="org.apache.axis2.transport.http.AxisServletListener">
<parameter name="port">8080</parameter>
</transportReceiver>
<transportReceiver name="https"
class="org.apache.axis2.transport.http.AxisServletListener">
<parameter name="port">8443</parameter>
</transportReceiver>
Use ports 80 and 443 in the Windows environment.
Release : All Supported Releases
Component : IM Reporting / Admin / Configuration
The OneClick SSL certificates and any intermediate certificates have not been imported to the following file on the Performance Management Portal host: /opt/CA/jre/lib/security/cacerts.
Here are the steps to export the OneClick SSL certificate from the OneClick web server machine:
1. On the OneClick server machine, open a bash shell (bash -login)
2. Navigate to the $SPECROOT/Java/bin/ directory
3. Run the following syntax:
$ ./keytool -export -keystore ../../custom/keystore/cacerts -alias tomcatssl -file OCServer.cer (Linux)
$ ./keytool.exe -export -keystore ../../custom/keystore/cacerts -alias tomcatssl -file OCServer.cer (Windows)
4. Enter the keystore password: (which is "changeit" without quotes)
5. The following message is displayed:
Certificate stored in file <OCServer.cer>
6. Copy the $SPECROOT/Java/bin/OCServer.cer file from the OneClick web server machine to the /opt/CA/jre/lib/security/ directory of the Performance Management Portal machine.
Here are the steps to import the OneClick SSL certificate on the Performance Management Portal machine:
7. On the Portal (Performance Management Portal) machine, navigate to the /opt/CA/jre/lib/security/ directory.
$ cd /opt/CA/jre/lib/security/
8. Make a backup/copy of the current /opt/CA/jre/lib/security/cacerts file.
$ cp cacerts cacerts.ori
9. Navigate to the /opt/CA/jre/bin/ directory.
$ cd /opt/CA/jre/bin/
10. Run the following command to import the OCServer.cer certificate into the cacerts file:
$ ./keytool -importcert -alias tomcatssl -file ../lib/security/OCServer.cer -keystore ../lib/security/cacerts
Supply the password "changeit" (without quotes)
Type yes to confirm.
11. Go to the Performance Management Portal and test the Spectrum Data Source with HTTPS.
12. Save the change.
Spectrum and Portal integration - Data source test failed, Communication with the data source failed
https://knowledge.broadcom.com/external/article?articleId=202988
axis2.xml format error ">" breaks Netops Spectrum-NetOps Portal integration
https://knowledge.broadcom.com/external/article?articleId=221146
Troubleshooting (in case you get the following error in Spectrum Data Source test):
Error Message: Data Souce Test Failed
Communication with data source failed.
1. From a browser open the following URLs to check the axis2 service:
http://<OneClick_FQDN>/axis2/services/DataSourceWS?wsdl
https://<OneClick_FQDN>:443/axis2/services/DataSourceWS?wsdl
2. From the PC host run the following curl syntaxes:
# curl -v -k http://<OneClick_FQDN>/axis2/services/DataSourceWS?wsdl
# curl -v -k https://<OneClick_FQDN>:443/axis2/services/DataSourceWS?wsdl
Expected output:
< HTTP/1.1 200
< Content-Type: text/xml
< Transfer-Encoding: chunked
< Date: Fri, 08 Apr 2022 11:30:55 GMT
< Proxy-Connection: Keep-Alive
< Connection: Keep-Alive
3. Review the PCService.log file (/opt/CA/PerformanceCenter/PC/logs):
# cat PCService.log | grep <OneClick_FQDN>
One example:
| Test DataSource: Spectrum Infrastructure Manager@<OneClick_FQDN>
| Received WebServiceException from version check for data source Spectrum Infrastructure Manager@<OneClick_FQDN>. CAUSE=java.net.SocketTimeoutException: SocketTimeoutException invoking https://<OneClick_FQDN>:443/axis2/services/DataSourceWS: connect timedout. MESSAGE=Could not send Message.. Returning DS_COMM_FAILURE result.
4. Run the following curl and nc syntaxes on DA host:
# curl -v -k http://<OneClick_FQDN>/axis2/services/DataSourceWS?wsdl
# curl -v -k https://<OneClick_FQDN>:443/axis2/services/DataSourceWS?wsdl
# nc -z -v <OneClick_FQDN> 80
# nc -z -v <OneClick_FQDN> 443
Some examples:
# curl -v -k https://<OneClick_FQDN>:443/axis2/services/DataSourceWS?wsdl
* About to connect() to example.net port 443 (#0)
* Trying 10.xx.yy.zz...
* Connection timed out
* Failed connect to <OneClick_FQDN>:443; Connection timed out
* Closing connection 0
curl: (7) Failed connect to <OneClick_FQDN>:443; Connection timed out
# nc -z -v <OneClick_FQDN> 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.xx.yy.zz:80.
Ncat: 0 bytes sent, 0 bytes received in 0.04 seconds.
# nc -z -v <OneClick_FQDN> 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection timed out.
Open port 443 between DA and OneClick host on the firewall.