After enabling HTTPS in Portal and Data Aggregator (DA), data is no longer appearing in Dashboards
search cancel

After enabling HTTPS in Portal and Data Aggregator (DA), data is no longer appearing in Dashboards

book

Article ID: 381744

calendar_today

Updated On:

Products

Network Observability CA Performance Management

Issue/Introduction

After enabling HTTPS in Portal and DA using self-signed certificates, data is no longer appearing in Dashboards.

The DA can also appear simultaneously as available in the NetOps Portal -> Administration -> Data Sources page but show as "Synchronization Failed" in the System Status page.

Environment

DX NetOps CAPM all currently supported releases

Cause

Checking in /opt/CA/PerformanceCenter/DM/logs/DMService.log, we see the following errors:

ERROR | RIB/Engine        | 2024-11-12 07:36:37,816 | com.ca.im.rib.engine.sources.VersionFilter

   | Error occurred while validating RIB source version - will retry version check shortly

     Source: {Data Aggregator@192.168.0.1 @ https://192.168.0.1:8582/rib}

org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://192.168.0.1:8582/rib/version": Certificate for <192.168.0.1> doesn't match any of the subject alternative names: [da-server1.com, da-server2.com, da-server3]; nested exception is javax.net.ssl.SSLPeerUnverifiedException: Certificate for <192.168.0.1> doesn't match any of the subject alternative names: [da-server1.com, da-server2.com, da-server3]

    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:791) ~[spring-web-5.3.28.jar:5.3.28]

...
...
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <192.168.0.1> doesn't match any of the subject alternative names: [da-server1.com, da-server2.com, da-server3]

    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient-4.5.13.jar:4.5.13]

...

 

So the cause of the issue is that in the DA setup in Portal -> Administration -> Data Sources page, the host is set with the IP address (in the example above - 192.168.0.1), instead of the Fully Qualified Domain Name (FQDN) used in the self-signed certificate. 

Resolution

Change the setting for the DA in the Data Sources setup to the FQDN for the DA host.

You can use either the hostname or nslookup <IP_ADDRESS> to show the FQDN of the DA.  In the example above, this is - da-server2.com,

After you save, the DA should become fully available with data showing again in the dashboards.

Powered by Wolken Software