Collected GenericController/GE logs from /opt/CA/CAMM/GE_*/logs/*log directory. They show these messages:
Nov 15, 2024 12:03:51 PM com.torokina.tim.communication.protocol.security.TimSecureSslContextFactory getKeyStoreDetails
WARNING: KeyStore config file does not exists at::/opt/CA/CAMM/GE_root/Keystore_Details.xml
Nov 15, 2024 12:03:51 PM com.torokina.tim.communication.protocol.security.TimSecureSslContextFactory
INFO: Initializing SSLContext with default context
Nov 15, 2024 12:03:51 PM com.torokina.tim.runner.daemon.TimAppDaemon startApp
SEVERE: No content data
Nov 15, 2024 12:03:52 PM com.torokina.tim.runner.daemon.TimAppDaemon$TimAppDaemonHandler exceptionCaught
SEVERE: Execption occurs on daemon handler
javax.net.ssl.SSLHandshakeException: Received fatal alert: unsupported_certificate
All supported DX NetOps Mediation Manager releases on Red Hat release 9.x
This is due to an SSL issue with the keystore from the java code. By default DX NetOps MM components communicate over SSL, and this cannot be disabled.
The current certs provided in the keystore use a weak signature algorithm.
The most current OS's, like the Red Hat 9.x release in use here, no longer support weak signature algorithms.
Engineering provided the following workaround. It has us configure a stronger signature algorithm for the self-signed certificates generated in the keystore file for DX NetOps MM components and their communication over SSL.
Points #1 and #2 will help to generate a keystore with a self-signed certificate.
Point #3 will help to configure the same to communicate DX NetOps MM components over SSL.
Follow the steps in page Enable HTTPS for Non-SNMP Monitoring
Note: If you are running multiple LC's and MC's then the above steps has to be followed for all CAMM hosts.