search cancel

After adding a self-signed HTTPS cert, Operator Console is not loading for some users

book

Article ID: 215066

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

After successfully, adding self-signed HTTPS certs, some users are experiencing this problem.
They can log in, but pages with CABI dashboards don't load.  The spinning graphic is displayed.  In some cases, a timeout is reached and 'Data Access Error, Dashboard failed to load' is displayed.

Cause

After adding the self-signed HTTPS certs, the browsers used in tested had both certs (OC and CABI) added as exceptions.  When a new user logs into OC, they add the OC cert as an exception.  Then after successfully logging in, each of the CABI dashboards and reports fails to load because the cert for the CABI server has not been added as an exception.

Environment

Release : 20.33,20.4 (All OC components)
                20.3.3/20.4 (for OC Dashboards and Reports components)

Component : UIM OPERATOR CONSOLE - DASHBOARDS/DESIGNER

Resolution

This issue is related to OC / CABI servers configured with self signed certificates.  This is due to a limitation on how browsers handle self-signed certificates.

Option 1

  1. Open the CABI page directly on the browser this user will use.
  2. You will see a security message related to certificate but are able to accept the certificate.
  3. Add exception and save the certificate
  4. After this on logging to UMP you should be able to load the CABI summary dashboard page 

     This is a one time procedure and each user will need to do this on their browser.

Option 2

      In scenarios where above steps do not resolve the issue and browsers report 'NET::ERR_CERT_AUTHORITY_INVALID Error', the solution is to deploy CA Auth Signed certificates

Additional Information

This is mentioned in the CABI Installation documentation in the Troubleshooting section:

  • If HTTPS for CABI is configured with a self-signed certificate or invalid certificate, then Operator Console may not load CABI page successfully.
    • As a temporary resolution, you may open the CABI URL (https://<cabirobot_IP>:<port>/cabijs and https://<cabirobot_hostname>:<port>/cabijs) and accept the exception and then open the Operator Console. Or add the certificate as a trusted certificate in the system cert store or browser cert store as appropriate.