Unable to get to console after upgrading to PM 22.2.7
search cancel

Unable to get to console after upgrading to PM 22.2.7


Article ID: 264362


Updated On:


DX NetOps CA Performance Management - Usage and Administration


After upgrading NetOps console from ver. 22.2.5 to 22.2.7, we are unable to connect; getting the following error

HTTP ERROR 400 Invalid SNI
URI:/STATUS:400MESSAGE:Invalid SNISERVLET:-CAUSED BY:org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
Caused by:
org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
	at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:266)
	at org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:207)
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:501)




Dx NetOps Performance Management 22.2.7


SNI check fails due the fact that the SSL cert doesn't have a SubjectAlternateName that matched Web Site Host or Web Service Host; in SsoConfig



Launch SsoConfig

a. Open a terminal session on the NetOps Portal host (as root or with the sudo command).
b. Launch SsoConfig by running the ./SsoConfig command in the <installation_directory> directory

- installation_directory
The default installation directory for NetOps Portal.  Default: /opt/CA/PerformanceCenter

c. Choose 1. DX NetOps > 3. Performance Center > 1. Remote Value

 .... and update Web Site Host and Web Service Host to a name that is listed in the SSL cert, under "SubjectAlternateName"

To check the SubjectAlternativeName you could run: /opt/CA/jre/bin/keytool -printcertreq -file <filename>.csr


Create a new keystore and new self signed cert to match what is set in SsoConfig for Web Site Host and Web Service Host



Additional Information

1) The san should contain the system hostname, as well as anyway the system will be accessed (shortname, fqdn, in your case, external name, IP)

2) The SSO Web Service Host SHOULD be the internal Portal machine always.

3) The SSO Web Site Host SHOULD be the external Portal machine name, that you want in URLs like email reports/notifications/etc.