BPM 9.30 and APM 9.30 new authentication mechanism

In APM 9.30 and higher a new authentication mechanism was added, the goal is to avoid having duplicate BPM hosts.

BPM has a private and public key located in (\config\auth\), when it is register to APM for the first time it would send this encryption to APM so the next configuration request would require this key to be successful.

This only works on APM and BPM 9.3x version. Previews version would not use it.

You would know if you are having issue with this authentication if you see the following entries on the BPM server:

workspace\logs\Bpm_bsm_comm.log:

…[registerAgent] Failed to register the agent. hostName=diaghs8 The thrown message is: (java.lang.Exception) Failed to register BPM Agent. Agent Name: diaghs8  - Invalid digital signature.

To disable this new authentication you can do it from APM:

Admin -> Platform -> Infrastructure Settings -> Foundations -> EUM Administration -> Disable BPM Authentication

To recreate the keys:

  1. Stop BPM.
  2. Remove the private and public keys
  3. Restart BPM.

This would affect all the instances that you have since it would use new keys.

To reset the keys on APM side to accept a new one like if it ware a new registration go to:

http://localhost:29000/mbean?objectname=Topaz:service=EUM Administration Service - removePublicKey

Reply to this post if you have questions.

Regards,

Héctor Solano M.

San Jose
hpe.com