Smarts NCM: HTTP connections to port 8881 fail in NCM 9.x
search cancel

Smarts NCM: HTTP connections to port 8881 fail in NCM 9.x

book

Article ID: 331293

calendar_today

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:


NCM API calling code can no longer connect to the NCM API.

NCM API calling code that uses an HTTP connection on port 8881 to access the NCM API successfully under NCM 4.x can no longer connect to the API in NCM versions 9.x or newer.

Environment

VMware Smart Assurance - NCM

Cause

NCM versions 9.x or newer redirect all connections on port 8881 (HTTP - unsecure) to port 8880 (HTTPS - secured via SSL). This effectively deprecates all HTTP connections to the NCM API in favor of HTTPS connections. 

In the EMC NCM Application Programming Interface (API) Programmer's Guide (NCM 9.2 version referece: Page 28, Step 3) a Perl script connection example is shown as follows:

3. SOAP: Lite needs to know the web service s target URL, and default namespace.

$soap_proxy = 'https://'.$soap_user.':'.$soap_pw.'@'.
$soap_host.':8880/ws/api/<voyence-api-version>/services/ApiService'
;
$soap_uri = 'https://api.common.configmgr.powerup.com'.

In the example cited above, port 8880 is now specified due to the redirection of port 8881 traffic to port 8880 in NCM version 9.x or newer. This is the most common reason for connection errors when API calling code that is functional with NCM 4.x attempt to connect to the 9.x version or newer NCM API (ex., when attempting to access WSDL on port 8881).

 

Resolution

Implement HTTPS (SSL) client-side connection functionality in the API calling code.

The methods of establishing an SSL connection from a client script or program vary by security options desired and language employed. For example, if the calling code is written in Java, the calling code may have to employ its own keystore, which may require the NCM SSL certificate to be imported into the API calling code's keystore (see Knowledge Base article 000169663 - Smarts NCM or Voyence Control: How to use a non-EMC SSL keystore to establish a secure connection to the NCM API). A selected language may also be capable of negotiating an SSL connection without requiring the client to validate the server certificate.

Settings, support requirements, and compatability of all external, API calling code lies outside of normal contractual support boundaries for the NCM product. Please refer to documentation, help and support links and contacts for the publisher of the external language for further assistance with establishing a client-side SSL connection if needed.