Create Viptela Plugin message The protocol specified is incorrect
search cancel

Create Viptela Plugin message The protocol specified is incorrect

book

Article ID: 246287

calendar_today

Updated On:

Products

CA Virtual Network Assurance

Issue/Introduction

Messages:

The protocol specified is incorrect

AAAA-MM-DD HH:MM:SS,301 WARN  (default task-5)  [PLUGIN_SYSTEM] PluginConfiguration 74  An error occurred processing the provided plugin config

AAAA-MM-DD HH:MM:SS,302 WARN  (default task-5)  [PLUGIN_SYSTEM] PluginResource 240  Failed to convert json to configuration object for plugin configuration service: com.ca.em.sdn.gateway.broker.plugins.PluginConfigConversionException: Unexpected character ('4' (code 52)): was expecting double-quote to start field name
 at [Source: (String)"{"PLUGIN_CONFIG": {

  431      "DEVICE_MODEL_PATTERN_VS_OOBM_V"[truncated 787 chars]; line: 2, column: 4]
 at deployment.core-21.2.10-RELEASE.war//com.ca.em.sdn.gateway.broker.plugins.PluginConfiguration.convertJsonToPluginConfiguration(PluginConfiguration.java:76)

curl command output:

[[email protected] ~]# curl -v --user j_username:j_password -X GET https://<host>:<port>/dataservice/j_security_check

 j_username = VMANAGE_USER_NAME
j_password = VMANAGE_PASSWORD

Results:
Note: Unnecessary use of -X or --request, GET is already inferred.
* Trying 10.150.48.80...
* TCP_NODELAY set
* Connected to 10.150.48.80 (10.150.48.80) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, bad certificate (554):
* SSL certificate problem: EE certificate key too weak
* Closing connection 0
curl: (60) SSL certificate problem: EE certificate key too weak
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

 

Environment

Release : 21.2

Component : Virtual Network Assurance For CA Performance Management

Cause

The RHEL 8.x have implemented strong crypto policy at the OS layer

Resolution

The VNA request “DEFAULT” in the crypto-policies when creating the plugin so you need to run this command:

update-crypto-policies --set DEFAULT

See more on site
 
Also review the certificate trust chain and make sure all certs are imported in to the CAfile: /etc/pki/tls/certs/ca-bundle.crt
 
Powered by Wolken Software