Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Martyn Oram Valued Contributor.
Valued Contributor.
130 views

sat install - generating crypto

Hello. I am trying to install a second gateway on an existing satellite (new realm, same facility). HPSA 10.60.

For some reason, the install is skipping the crypto generation, which seems to be causing me problems.

I un-tar'd the OPSWgw-70.0.74535.0-installer-RedHat-Linux-7SERVER-X86_64.tgz file, and then copied the /var/opt/opsware/crypto/gateway/token.p12 to the "crypto" directory, and then I started the install.

during the install, I see that crypto generation gets skipped:

=====================================================

Are you finished editing this properties file? [y/n]y

Sanity check properties file...

Skipping crypto generation

============================================================

Starting Opsware Gateway

============================================================

Starting opswgw:

At this point it hangs, and the logs show this error:

2019-07-16T13:45:06,144.544Z ERROR 139708968650496 - ogssl.cpp:1012 Error opening crypto file /var/opt/opsware/crypto/opswgw-usplsvulx2021-osp2/opswgw.p12 error=2

and sure enough, that directory does not exist. 

My question, why is it skipping the crypto generation? We have done this many times in previous versions of hpsa, and it always shows that is generating crypto. So, what would cause it to skip this step?

Thanks

0 Likes
1 Reply
Martyn Oram Valued Contributor.
Valued Contributor.

Re: sat install - generating crypto

Also, once I try to manually copy the missing opswgw.p12 file, and restart everything, I see this in the parent gateway log:

2019-07-16T14:30:49,801.594Z INFO 140322210277120 - ogtunnel.cpp:1048 Attempting Tunnel/SSL negotiation with peer=205.239.19.3@45202 using /var/opt/opsware/crypto/opswgw-usplsvulx2021/opswgw.p1 2
2019-07-16T14:30:49,820.166Z ERROR 140322210277120 - ogtunnel.cpp:1173 Tunnel Accept Failed: realm hash in peer cert did not match peer properties DB
2019-07-16T14:30:49,820.362Z ERROR 140322210277120 - ogme.cpp:2549 tunnelAcceptHandshake: tunnel error rv=-10 peer=205.239.19.3@2001

and I see this in the child gateway log:

2019-07-16T14:30:49,774.963Z INFO 139998795908864 - ogtunnel.cpp:720 Attempting Tunnel/SSL negotiation with peer=205.239.19.3@2001 lport=45202 using /var/opt/opsware/crypto/opswgw-usplsvulx2021-osp2/opswgw.p12
2019-07-16T14:30:49,819.813Z INFO 139998795908864 - ogssl.cpp:1892 Negotiated SSL connection with client presenting embryo/opswgw:6e169e4cca1a4506:417075fecbb23cb0:0:000000100001:5d28a921, using cipher ECDHE-RSA-AES128-GCM-SHA256 at 128 bits.
2019-07-16T14:30:49,820.330Z ERROR 139998795908864 - ogtunnel.cpp:815 Tunnel Connection Failed: recv remote propdb failed rv=-3 errno=0 [205.239.19.3@2001]
2019-07-16T14:30:49,820.605Z WARN 139998795908864 - ogme.cpp:2645 tunnelConnect: connect handshake failed for fd=17

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.