After upgrading to 22.2.7 we get ERR_CONNECTION_REFUSED in a web browser when connecting to the Portal.
Also, if you launch /opt/CA/PerformanceCenter/SsoConfig
You will see the following exception
SSO Configuration/DX NetOps/Performance Center:
Apr 13, 2023 4:37:37 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {http://netqos.com/SingleSignOnWS}SingleSignOnWSSoapService#{http://netqos.com/SingleSignOnWS}GetPropertyLevel has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
...SNIP...
Caused by: java.net.ConnectException: ConnectException invoking https://portalHostname:8182/pc/center/webservice/sso?WSDL: Connection refused (Connection refused)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
<truncated>
Cannot connect the to DX NetOps SSO Web Service.
Check if DX NetOps is running and retry.
The installation was successful, had no errors, and all services are running.
DX NetOps Performance Management upgrading to the 22.2.7 release from any version
You will hit this issue if you have configured HTTPS and have installed it in a non-default directory.
Defect
There are two paths for this depending on if you have a backup of your keystores (jetty and cacerts) or not:
1. No backups:
Unfortunately, in this scenario, the only solution will be to revert to HTTP and then set up HTTPS fresh.
a. Revert to HTTP using SslConfig:
Revert NetOps Portal to Using HTTP
b. Set up NetOps Portal to use HTTPS using SslConfig
Enable HTTPS for NetOps Portal
c. If necessary, convert the self-signed certificate to a CA-signed certificate using a CSR
Set Up a CA-Signed Certificate for NetOps Portal Converted from a Self-Signed Certificate
2. Have a backup of ../jre/lib/security/cacerts & ../PerformanceCenter/jetty/etc/keystore
a. Revert to HTTP using SslConfig:
Revert NetOps Portal to Using HTTP
b. Set up NetOps Portal to use self-signed certs (temporarily) using SslConfig. You MUST use the same password for the Jetty and cacerts keystores that is already used
Enable HTTPS for NetOps Portal
c. Stop services
systemctl stop caperf*
d. Restore the backed-up keystores:
cp <backup_dir>/cacerts <install_dir>/CA/jre/lib/security/cacerts
cp <backup_dir>/keystore <install_dir>/PerformanceCenter/jetty/etc/keystore
e. Restart services
systemctl start caperfcenter_sso caperfcenter_eventmanager caperfcenter_devicemanager
systemctl start caperfcenter_console
The engineering team will be addressing this issue in DE563615