search cancel

After Configuring Spectrum for SSL it now shows "Unable to Contact" in the CAPC data source list


Article ID: 32485


Updated On:


CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps CA Spectrum


After configuring Spectrum to use SSL, while CAPC is not configured to use SSL, the Spectrum data source shows as "Unable to Contact" in the CAPC data source list

In the PCService.log you will see an error that looks like this:

ERROR | qtp559824849-30  | 2015-01-09 12:04:09,957 |  

    | Received WebServiceException from version check for data source Spectrum Infrastructure [email protected]. SSLHandshakeException invoking PKIX path building failed: unable to find valid certification path to requested target. MESSAGE=Could not send Message..  Returning DS_COMM_FAILURE result.



Dx NetOps Performance Management any version

Dx NetOps Spectrum any version running SSL


The Spectrum SSL cert has not been imported into the CAPC keystore


To resolve this issue you must import the Spectrum SSL cert into the CAPC keystore:

After configuring Spectrum to use SSL take the Spectrum  certificate from within $SPECROOT/custom/keystore/cacerts file and move it over to the CAPC server. You can put it in the /opt/CA/jre/lib/security/ directory on the CAPC server 

For Spectrum OneClick:

  1. You should be able to run the following to export the cert: keytool -exportcert -keystore <path to keystore> -storepass <password> -alias <alias_name> -file <filename>.cer 
  2. Now take the filename.cer file and move it over to CAPC



  1. Log on to the CAPC shell
  2. cd /opt/CA/jre/lib/security/
  3. cp cacerts cacerts.orig
  4. cd /opt/CA/jre/bin/
  5. Run the following command to import the Spectrum .cer file from the above section:  
./keytool -keystore /opt/CA/jre/lib/security/cacerts -storepass <password> -alias <alias> -importcert -file <cert name>.cer​

    6. Kick off a full synch of the Spectrum data source

The Spectrum data source should now successfully synch in CAPC