'SSL is used but processed externally' setting in the CSA breaks the ability to run a report in Advanced Reporting


Article ID: 38035


Updated On:


Clarity PPM On Premise



We are unable to navigate to Repository page on a reverse proxy server

Steps to Reproduce:

1. Configure an Apache Reverse Proxy server to route requests to two backend PPM servers running on HTTP
2. Jaspersoft Tomcat running on HTTP
3. Configure a certificate and SSL for the Apache Reverse Proxy
4. In the CSA, configure the setting: "SSL is used but processed externally"
5. Edit the HTTP ENTRY URL for each PPM APP server in the NSA to have the URL of the load balancer:
               https://<Reverse proxy server>:<reverse proxy port>
6. Restart PPM services 
7. Open the URL (of the apache front end): https://<Reverse proxy server>:<reverse proxy port>/niku/
8. Go to "Home" > "Advanced Reporting" - It comes up without any issues 
9. Click on a report. The report window will not come up 
Expected Result: "SSL is used but processed externally" works for running reports in "Advanced Reporting"
Actual Result: "SSL is used but processed externally" breaks the ability to run reports in Advanced Reporting


Database: Oracle, OS: RHEL


Caused by CLRT-79397

Depending on the web browser used, there will be an error in F12 developer tools complaining about mixed content:
For example:
Microsoft IE will not load the page because of the error code SEC7111 described in the following page:
"HTTPS security is compromised by [name of resource]"
Secure Hypertext Transfer Protocol (HTTPS) page also has unsecured (mixed) content 
Do not include unsecured content on a HTTPS page 


Resolved in CA PPM 14.3 Generic Patch #4

Additional Information:

Reference TEC1696455 : PPM 14.3 Generic Patch available to resolve reported issues


Release: ESPCLA99000-14.3-Clarity-Extended Support Plus