After upgrading CA Performance Center(CAPC) running SSL to 2.7 GA, CAPC is inaccessible
Article ID: 36515
Updated On:
Products
Issue/Introduction
Symptoms:
After upgrading CA Performance Center(CAPC) running SSL to 2.7 GA, CAPC is inaccessible
After upgrading PC and SSO services are setup to run on 8181 and 8381.
The /opt/CA/PerformanceCenter/InstallLogs/Performance_Center_Install_<timestamp>.log for CAPC
has the following errors:
Looking up jetty keystore name (default 'keystore')
Checking if '/opt/CA/PerformanceCenter/PC/start.d' exists
Found jetty 8 configuration
Parsing '/opt/CA/PerformanceCenter/PC/etc/jetty-ssl.xml'
Exception while parsing jetty keystore name: www.eclipse.org
Found keystore name: 'keystore'
Setting keystore name 'keystore' to variable JETTY_SSL_KEYSTORE_NAME
Setting truststore name 'keystore' to variable JETTY_SSL_TRUSTSTORE_NAME
Setting ssl enabled = 'false' to variable JETTY_SSL_ENABLED
Environment:
Linux
Upgrading to PM 2.7
SSL configured
CAPC does not have access to the internet
Cause:
Problem Ticket: DE50760
The r2.7 GA kit does not correctly parse the jetty-ssl.xml file, so it determines that SSL
is not enabled and configures the system for HTTP.
The CAPC machine does not have external access to load files from the internet. The XML
parser attempts to load the URL in the jetty-ssl.xml file to validate the xml and fails.
Workaround:
If you have upgraded and are in the misconfigured state, manually configure SSL based on the
2.7 online documentation.
PC:
SSO:
To verify if you may run into this issue and need to use the workaround above run:
cd /tmp
wget http://www.eclipse.org/jetty/configure.dtd
This will attempt to download the http://www.eclipse.org/jetty/configure.dtd file.
If this fails, you will need to re-apply the SSL configuration steps after upgrading as described in the 2.7 documentation referenced above.
Resolution:
This is currently scheduled to be fixed in the 2.7 February Maintenance Release.
Environment
Component:
Feedback
