REST-endpoint error messages when actions occur in AWI
search cancel

REST-endpoint error messages when actions occur in AWI

book

Article ID: 251033

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine CA Automic One Automation

Issue/Introduction

When taking certain actions in the AWI when ssl is used by setting sslenabled=1 in the ucsrv.ini file (meaning the REST API is using ssl for communication), there are errors that look like the following.  Examples:

  • When attempting to choose a recipient in a notification object - Can't connect to any REST-endpoint, please check if at least one JCP is running and is reachable via network.
  • When attempting to select a calendar event - Can't connect to any REST-endpoint, please check if at least one JCP is running and is reachable via network.
  • When searching for objects in a Workflow designer - Items could not be retrieved
  • When attempting to delete an object from the Process Assembly - Can't connect to any REST-endpoint, please check if at least one JCP is running and is reachable via network.
  • When attempting to select your product in Telemetry configuration - Product list could not be loaded. At lease one JCP and one JWP are needed for this action.

Environment

Release : 21.0.x

Component: AWI, REST API, JCP

Cause

The AWI and REST API do not have a trusted connection.  During login, the AWI checks with the JCP if the REST API is running, but not necessarily that it has a trusted connection.  This means that when using AWI actions that requires searches of some sort that are done through the REST API, it is unable to communicate with the REST API through a trusted connection which is required when running the REST API with sslenabled=1 set

Resolution

  1. Export the certificate key pair/certificate (with the full chain if applicable, not just the header) with the alias (used in the keyalias setting in the ucsrv.ini file) from the keystore specified in the ucsrv.ini file under the keystore= setting
  2. Take a look at the REST API or JCP log file found in the automation engine's temp directory and look at the path being used for java - this will appear in a line like:
    U00045067 Java installation directory: 'C:\Program Files\Java\jre1.8.0_333'
    You'll need this path for step 3 - in the example above, it will be "C:\Program Files\Java\jre1.8.0_333"
  3. Import the certificate that was created in step 1 above into the java cacerts keystore from step 2 above - usually found in the /lib/security folder
  4. You will also need to import the certificate created in step 1 above into the java cacerts keystore that tomcat uses if you are using tomcat for the AWI, or into the java that the jetty loader AWI uses if that is used
  5. Restart the REST API process and JCP processes
  6. Restart tomcat or the Jetty loader AWI depending on which you are using

Please note that for steps 1, 3 and 4, you may need to get a security or system admin involved to find the best way to export and import certificates from a keystore

Powered by Wolken Software