Highlighted
Admiral
Admiral
1203 views

Unknown SSL protocol error in connection to server.domain :7116

Jump to solution

Hi all,

After install a linux RHEL 6.7 Cell Manager 9 and a UI into antoher Windows Server, i receive the following error when i try to connect to CM:

 

Unknown SSL protocol error in connection to server.domain :7116

All services are UpP in the Cell Manager an DNS is OK in both directions. Any idea ?

 

 

-----------
Please assign Kudos
0 Likes
1 Solution

Accepted Solutions
Highlighted
Admiral
Admiral

Hi Sherman,

I don1t known why, but after remove DP from server, reboot and install again, regenerate the certified, it works.

Thanks!

-----------
Please assign Kudos

View solution in original post

0 Likes
2 Replies
Highlighted
Micro Focus Expert
Micro Focus Expert

Hello dcampregher,

Looking at your error :

GUI cannot connect to cell manager:
SSL connect error'. Detail:'Unknown SSL protocol error in connection to <CM HOSTNAME>:7116

I would recommend the following :

1. Log a SW DP case so that this can be investigated in details as this may be due to a lot of things.

 

2. DP GR patches - have you installed/updated to the latest 9.07 Build 110 for both CM and GUI client.

 

3. Check CM hostname and ensure you have name resolution / reverse lookup is consistent to all.

I have noted this is a new installed CM and so need to verify the CM hostname

omnidbutil -show_cell_name

Take note of the hostname output and then run nslokup tests

- login RHEL CM

nslookup <CM HOSTNAME>

nslookup <CM IP>

 

- login WINDOWS DP GUI CLIENT

nslookup <CM HOSTNAME>

nslookup <CM IP>

 

Check the above output - they should be same and consistent.

 

4. Make sure clocks between the Cell Manager and the client are synchronized.

This is a rare situation as I would expect both CM and DP clients (DA, MA and GUI) are on same date and time but do check if there is any date/time differences between the two systems.

 

5. Check the logs - omnigencert_2016-XX-YY_ZZ-ZZ-ZZ.log for any error entries.

 

6. Check the files standalone.xml and webservice.properties, and check password entries is same.

Using example below - take note that the "same" password for both files is q/h3exmoyzqda

# pwd
/etc/opt/omni/server/AppServer

# ls -la standalone.xml
-rw-r--r-- 1 hpdp hpdp 22604 Jul 2 2014 standalone.xml


# grep -i password standalone.xml
<password>sa</password>
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="password" value="-7275fbd7244b630b98d09ee4cb542765"/>
<module-option name="password-stacking" value="useFirstPass"/>
<jsse keystore-password="q/h3exmoyzqda" keystore-url="/etc/opt/omni/server/certificates/server/server.keystore" truststore-password="q/h3exmoyzqda" truststore-url="/etc/opt/omni/server/certificates/server/server.truststore"/>
<jsse keystore-password="q/h3exmoyzqda" keystore-url="/etc/opt/omni/server/certificates/server/server.keystore" truststore-password="q/h3exmoyzqda" truststore-url="/etc/opt/omni/server/certificates/server/server.truststore"/>
<ssl name="ssl" password="q/h3exmoyzqda" certificate-key-file="/etc/opt/omni/server/certificates/server/server.keystore" protocol="TLS" verify-client="want" ca-certificate-file="/etc/opt/omni/server/certificates/server/ca.truststore" ca-certificate-password="q/h3exmoyzqda"/>

 

 


# pwd
/etc/opt/omni/client/components

# ls -la webservice.properties
-rw-r--r-- 1 root sys 340 Jul 2 2014 webservice.properties

# cat webservice.properties
# global property file for all components
jce-serviceregistry.URL = https://anchor.rc.aus.hp.com:7116/jce-serviceregistry/restws
keystorePath=/etc/opt/omni/server/certificates/client/client.keystore
truststorePath=/etc/opt/omni/server/certificates/client/client.truststore
keystorePassword=q/h3exmoyzqda
truststorePassword=q/h3exmoyzqda

 

7. Recreate DP certificate using omnigencert.pl 

This is one of the fix if the above shows the password is different. This is why I would recommend that you log a SW DP case.

 

8. Recreate the error with DP DEBUG trace to see what/where is the error.

 

 

Very sorry for the long one - hope this helps.

That error may be due to a lot of things and so will really need to be investigated. The above are what you can check so as to isolate things further.

 

Rgds,

Sherman

HPE DP SUPPORT

 

Sherman Senin
Customer Support Engineer, APJ
Data Protector
Micro Focus
0 Likes
Highlighted
Admiral
Admiral

Hi Sherman,

I don1t known why, but after remove DP from server, reboot and install again, regenerate the certified, it works.

Thanks!

-----------
Please assign Kudos

View solution in original post

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.