Absent Member.. Absent Member..
Absent Member..
239 views

[ST OMU] opcagtw.vbs causes traffic congestion in customer firewall

PROBLEM:

An HP vb script is executing the following command line every time and it is causing a lot of outbound traffic.

The congestion in the firewall gets even worse during this transaction because it is being denied.

C:\Windows\System32\cscript  //Nologo "C:\Program Files\HP OpenView\bin\win64\OpC\opcagtw.vbs" -type –verbose



CAUSE:

Delay can happen during certificate validation.
After CryptoAPI starts validating the individual certificates in the presented certificate chain(s), the following checks are performed:
1.    CryptoAPI determines whether the certificate is included in the Untrusted certificate store. All certificates in the Untrusted certificate store are explicitly designated as disallowed certificates.
2.    If the certificate included a stapled OCSP response and the stapled response is time valid, use the stapled OCSP response to valid the revocation status of the certificate.
3.    If a CRL with the matching issuer name and optionally the same IDP is already in the CA store, use that version of the CRL.
4.    If a stapled response or previously downloaded CRL is not available, then CryptoAPI must attempt URL retrieval to determine the revocation status of the certificate.
5.    The URLs for OCSP and CDP are built in the following order:
a.    OCSP URLs from Group Policy
b.    OCSP URLs from the authority information access extension
c.    CRL URLs from the CDP extension
On the systems where there is no internet access, the delay can equal to URL retrieval timeout set on the system.
DNS settings and network settings can also add up to the effective total retrieval time.



SOLUTION:

The removal of the signature block for both opcagtw.vbs files stops the network traffic.



This is documented in the following KCS document: http://support.openview.hp.com/selfsolve/document/KM00956568

HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.
If you liked it I would appreciate KUDOs.
1 Reply
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: [ST OMU] opcagtw.vbs causes traffic congestion in customer firewall

Not only does it delay the time the opcagt command takes to respond and return a result. It also uses a lot of CPU resources. This issue has been apparent since HP Operations Agent 11.04.

 

I have a post-install step that is to remove the signature block from the opcagtw.vbs file (located in bin and win64 directories), as well as the opctemplatew.vbs file (located in bin and win64 directories). As that experiences a similar result.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.