NAC and NES Custom Certificate problems after 6.7.0.b398

book

Article ID: 210802

calendar_today

Updated On:

Products

CA Release Automation - Release Operations Center (Nolio)

Issue/Introduction

After applying 6.7.0.b398, the Nolio Management and Execution Server(s) are not using the custom certificates previously configured. 

Cause

The 6.7.0.b398 cumulative patch includes a fix for an expired certificate - as outlined in the Release Notes found here: Release Notes for 6.7.3

As a part of the fix it replaces the server.xml file.

Environment

Release : 6.7

Component : CA RELEASE AUTOMATION CORE

Resolution

Update the conf/server.xml to reflect your desired values for: keystoreFile, sslEnabledProtocols, keyAlias and keystorePass.

The information in the "Additional Information" section can help you find previous values. 

These entries need to be updated on the NAC and NES. After the entries have been updated you will need to stop and start Nolio Services.

Additional Information

When applying patches, a backup of some files get created in the folder: /path/to/ReleaseAutomationServer/patchBackup

On the NAC, a copy of the server.xml file is available. 

The server.xml does not get backed up when the patch is applied to the NES. 

If the server was upgraded from 6.6 to 6.7 then you will be able to find a copy of the server.xml in a backup that gets created during the upgrade. 

Example of upgrade backup filename: /path/to/ReleaseAutomationServer/config_backup_<epochTimestamp>.zip

If you want to extract this file then you should create a temporary directory, copy the .zip file to the temporary directory, extract the zip find in the temporary directory. Otherwise, the .zip file may try to extract its contents where it resides and might try to overwrite the newer files with older files.