UIM 20.3 - OC using http when configured for https
search cancel

UIM 20.3 - OC using http when configured for https

book

Article ID: 205228

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

OC, cabi_external probe, and cabi server are all configured for https, yet it is using http. 

Via browser developer tools it shows: 

"Mixed contents: The page at 'https://xxxxxx/operatorconsole_portlet/overview' was loaded over HTTPS, 
but requested an insecure script 'http://<cabi_external.server>/jasperserver-pro/client/visualize.js'. 
This request has been blocked; the content must be served over HTTPS."

This issue can manifest itself with the below errors when trying to open the Home or Reports tabs.  The following error message can be seen:

Data Access Error
The data required for this page is not currently available.

Environment

Release : 20.3

Component : UIM - OPERATOR CONSOLE

Resolution

Set/Enable HSTS Filter in Operator Console
For setting/enabling the secure flag for the cookie in Operator Console.
Follow these steps:

  1. Open the following file for editing:
    <OC robot>$/Nimsoft/probes/service/wasp/webapps/ROOT/WEB-INF/web.xml.
  2. Search for      <filter-name>HeaderSecurityFilter</filter-name>
    This will appear twice.  The changes should be added to the first instance.
  3. Add below init-parm parameter in bottom of filter
    <init-param>
            <param-name>hstsMaxAgeSeconds</param-name>
            <param-value>31536000</param-value>
    </init-param>
    <init-param>
            <param-name>hstsIncludeSubDomains</param-name>
            <param-value>true</param-value>
    </init-param>  
  4. Restart WASP  

Additional Information

The same can be done for AC. 

Set/Enable HSTS Filter in Admin Console
For setting/enabling the secure flag for the cookie in Admin Console.

Follow these steps:

  1. Open the following file for editing:
    <AC primary hub robot>$/Nimsoft/probes/service/wasp/webapps/ROOT/WEB-INF/web.xml.
  2. Search for      <filter-name>HeaderSecurityFilter</filter-name>
    This will appear twice.  The changes should be added to the first instance.
  3. Add below init-parm parameter in bottom of filter
    <init-param>
            <param-name>hstsMaxAgeSeconds</param-name>
            <param-value>31536000</param-value>
    </init-param>
    <init-param>
            <param-name>hstsIncludeSubDomains</param-name>
            <param-value>true</param-value>
    </init-param>  
  4. Restart WASP

Attachments

Powered by Wolken Software