Hitachi Ops Center​

 View Only

 I have Installed Ops center and Ops center Administrator, I tried to add ops center administrator to the Ops center Automator the error pops up " KNAE02137-E Connection test failed. (detail information: java.lang.RuntimeException: Unexpected error: java.s

  • Hitachi Ops Center
  • Hitachi Ops Center
Mandeep Singh's profile image
Mandeep Singh posted 03-03-2020 14:11

I have created implemented OVA files for Ops center and Ops Center Administrator. while i try to add Ops center Administrator to Ops center Automator the error pops up "KNAE02137-E Connection test failed. (detail information: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty)"


#HitachiOpsCenter
storage gespag's profile image
storage gespag

Hi Mandeep,

 

I had a similar issue but with self installation. The setupcommonservice command in the install.sh script of the Ops Center Administrator uses the IP Address for the Connection. In our case the TLS certificates don't have the IP in the SSL certs Common Name, and then the connection is not trusted. We used the setupcommonservice command with different attributes than the installer to join the Administrator to the Common Service.

./setupcommonservice --csUri https://commonservice.fqdn.domain/portal --csUsername adminuser --csPassword ******** --applicationHostAddress administrator.fqdn.domain --applicationPort 443 --applicationName Administrator --applicationDescription 'Description'

Best Regards

Gerhard Sulzberger

Albert Tan's profile image
Albert Tan

Hi Mandeep, is your problem resolve with the answer above?

 

Albert

Ramanuja Dore's profile image
Ramanuja Dore

here is the quick setup that you need to , to make sure connection between automator and administrator works

1. Login to Administrator

2. Create file vi /tmp/openssl.conf - copy the following:

Fill in IP and common name respectively

 

[req]

default_bits = 4096

default_keyfile = openssl.key

distinguished_name = req_distinguished_name

req_extensions = req_ext

x509_extensions = v3_ca

[req_distinguished_name]

countryName = US

countryName_default = US

stateOrProvinceName = Oklahoma

stateOrProvinceName_default = Oklahoma

localityName =Norman

localityName_default = Norman

organizationName = localhost

organizationName_default = localhost

organizationalUnitName = COE

organizationalUnitName_default = COE

commonName = administrator

commonName_default = localhost

commonName_max = 64

[req_ext]

subjectAltName = @alt_names

[v3_ca]

subjectAltName = @alt_names

[alt_names]

IP = xx.xx.xx.xx

DNS.1 = administrator

DNS.2 = xxxxxxxxxx

DNS.3 = xx.xx.xx.xx

# cd /tmp/

# openssl req -x509 -newkey rsa:4096 -nodes -keyout server.key -out server.crt -config openssl.conf

Creates 2 files server.key and server.crt :

Need to copy those keys into Administrator (VAM) under security (https://xx.xx.xx.xx/vam/#/) - Advanced - Certificate Settings 

Cut and paste the certificates under vam

 

copy the cert file into your main opcenter box, and install it using keytool :

Example :

/opt/hitachi/Base64/uCPSB/jdk/jre/bin/keytool -import -noprompt -storepass changeit -keystore /opt/hitachi/Base64/uCPSB/jdk/jre/lib/security/cacerts -alias OpsCenter -file /tmp/has.crt 

 

Stop and start the services .. this should work