Data Aggregator communication test failed - Unable to Contact
search cancel

Data Aggregator communication test failed - Unable to Contact

book

Article ID: 279699

calendar_today

Updated On:

Products

Network Observability CA Performance Management

Issue/Introduction

The Data Aggregator communication test fails and the status is Unable to Contact.

Already applied the steps from KB Data Aggregator and NetOps portal sync failure following upgrade to 22.2 but the problem remains.

The PropValue displayed in the following MySQL query from Portal matches the SsoEncryptionDecryptionKey displayed in DA rest:

mysql> select PropValue,Priority from netqosportal.performance_center_properties where PropName = 'SsoEncryptionDecryptionKey';
mysql> select PropValue,Priority from em.performance_center_properties where PropName = 'SsoEncryptionDecryptionKey';

curl -u admin -v -s -k -X GET http://<Data_Aggregator_IP>:8581/rest/dataaggregator

Search for <SsoEncryptionDecryptionKey><EncryptionKey></SsoEncryptionDecryptionKey>

 

Errors found in the log files:

In the /CA/PerformanceCenter/sso/logs/SSOService.log file:
 
WARN  | qtp1499254226-28         | 2024-02-22 16:09:27,933 | com.ca.im.portal.api.security.Encryption                         
      | Couldn't complete encryption/decryption due to: Error closing stream: 
WARN  | qtp1499254226-28         | 2024-02-22 16:09:27,933 | com.ca.im.portal.common.web.util.AuthInterceptor                 
    | SsoToken is expired or could not be decrypted in request http://<FQHN>:8381/sso/webservices/sar/sar/<Event_Manager_IP> from <Data_Aggregator_IP>
 
In the /CA/PerformanceCenter/EM/logs/EMService.log file:
 
ERROR | pool-6-thread-6          | 2024-02-22 16:09:29,387 | com.ca.im.portal.em.ds.EventProducerPoller                       
      | PollEventProducers
javax.xml.ws.WebServiceException: Could not send Message.
Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with http://<Data_Aggregator_IP>:8581/DataSourceWS
 
WARN  | qtp414228420-25          | 2024-02-22 16:10:53,259 | com.ca.im.portal.api.security.Encryption                         
      | Couldn't complete encryption/decryption due to: Error closing stream: 
WARN  | qtp414228420-25          | 2024-02-22 16:10:53,259 | com.ca.im.portal.common.web.util.AuthInterceptor                 
    | SsoToken is expired or could not be decrypted in request http://<Event_Manager_IP>:8281/EventManager/EventManagerWS.asmx from <Data_Aggregator_IP>
 
In the /CA/PerformanceCenter/DM/logs/DMService.log file:
 
ERROR | pool-4-thread-4          | 2024-02-22 15:54:24,783 | com.ca.im.portal.api.services.datasource.DataSourcePoll          
    | Received WebServiceException from version check for data source Data Aggregator@<Data_Aggregator_IP>.  CAUSE=org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with http://<Data_Aggregator_IP>:8581/DataSourceWS. MESSAGE=Could not send Message..  Returning DS_COMM_FAILURE result.
 
In the /opt/CA/IMDataAggregator/apache-karaf-4.4.3/data/log/karaf.log file:
 
WARN  | EventPush        | 2024-02-22T16:09:08,275 | PhaseInterceptorChain | ache.cxf.common.logging.LogUtils  465 | org.apache.cxf.cxf-core |       | Interceptor for {http://netqos.com/nqevents/EventManager}IEventManagerWSService#{http://netqos.com/nqevents/EventManager}Push has thrown exception, unwinding now
Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: (POST http://<Event_Manager_IP>:8281/EventManager/EventManagerWS.asmx) 401' when communicating with http://<Event_Manager_IP>:8281/EventManager/EventManagerWS.asmx

Environment

DX NetOps Performance Management: 23.3.x / 24.3.x

Cause

Wrong SsoEncryptionDecryptionKey on the DA host.

Resolution

The DA SsoEncryptionDecryptionKey should match the Encryption Decryption Key from SsoConfig.

a) Launch the /opt/CA/PerformanceCenter/SsoConfig on Portal host.

SSO Configuration:
1. DX NetOps
Choose an option > 1

b) Select 1 (DX NetOps)

SSO Configuration/DX NetOps:

  1. LDAP Authentication
  2. SAML2 Authentication
  3. Performance Center
  4. Single Sign-On
  5. Test LDAP
  6. Export SAML2 Service Provider Metadata
  7. Enable FIPS
  8. Performance Center Local Password Authentication
  9. Enable or Disable a user account.

Choose an option > 4

c) Select 4 (Single Sign-On)

SSO Configuration/DX NetOps/Single Sign-On:

Anonymous User Enabled: Disabled
Anonymous User ID: 2
Localhost User Sign-In Page Enabled: Disabled
Localhost User Enabled: Disabled
Localhost User ID: 1
Cookie Timeout Minutes: 20
Encryption Decryption Key: <encryption/decryption_key>
Encryption Algorithm: AES
Failed Sleep Seconds: 3
Remember Me Enabled: Enabled
Remember Me Timeout Days: 15
Scheme: http
Port: 8381
Virtual Directory: sso
Scheme for Data Sources: http
Port for Data Sources: 8381

d) Take note of the Encryption Decryption Key value.

e) Then use the Encryption Decryption Key value to update the SsoEncryptionDecryptionKey value on the DA host:

curl -v -u admin -X PUT -H 'Content-Type: application/xml' -d'<DataAggregatorInfo version="1.0.0"><SsoEncryptionDecryptionKey><Encryption Decryption Key></SsoEncryptionDecryptionKey></DataAggregatorInfo>' http://<Data_Aggregator_IP>:8581/rest/dataaggregator/<DA_ID>

Where <DA_ID> is the value found in the curl -u admin -v -s -k -X GET http://<Data_Aggregator_IP>:8581/rest/dataaggregator

<ID>8</ID>

Powered by Wolken Software