Applications Manager Plugin not accessible after enabling SSL in OpManager

Applications Manager Plugin not accessible after enabling SSL in OpManager

Try accessing the Applications Manager Plugin separately using HTTPS protocol in a separate browser in incognito mode.
To do that, you will need the hostname and port number of Applications Manager. To find the same, click here.

If Applications Manager Plugin is not at all accessible using the HTTPS port, follow the instructions given below:
  1. If SSL is enabled in OpManager i.e. to use HTTPS instead of HTTP, APM Plugin will automatically refer to OpManager's keystore.
  2. Ensure that Applications Manager's server.xml file under <Applications Manager Home>\working\apache\tomcat\conf directory has the keystoreFile value as the absolute file path of OpManager's keystore.
    Note: If SSL is enabled in OpManager,  OpManager's Keystore and Truststore path will be read from system_properties.conf file located under the <OpManager_Home>/conf directory.
    Example:
    javax.net.ssl.trustStore=conf/itom.truststore where itom.truststore is present under the <OpManager_Home>/conf directory.
    javax.net.ssl.keyStore=conf/itom.keystore where itom.keystore is present under the <OpManager_Home>/conf directory.
  3. If connector tag specific to SSL Configuration in server.xml file has keystoreType key, verify its value. (i.e.) the File type given in the keystoreFile should belong to the value of the keystoreType.
    Note: Based on the KeyStore file's type, the value for KeyStore type may vary:
    For eg. keystoreFile="C:\Endeca\MDEXEngine\workspace\etc\eneCert.p12"   keystoreType="PKCS12"
  4. If you want to use your own Keystore, follow the steps given:
    Connect to the Applications Manager's database and execute the below query:
    UPDATE AM_GLOBALCONFIG SET VALUE = 'true' WHERE NAME = 'Plugin_CustomiseSSLConfiguration';
    Using your own Keystore:
         * Paste your Keystore file's absolute path as value for keystorePath in Applications Manager's server.xml under <Applications Manager Home>\working\apache\tomcat\conf\backup directory.
         * Enter your keystore password as value for keystorePass in server.xml under <Applications Manager Home>\working\apache\tomcat\conf\backup directory

    Importing certificate to Applications Manager Plugin's default Keystore
    Follow the steps given in this KB to import your own certificate to Applications Manager Plugin's keystore.
    Note: Ensure that you update Keystore path and password in AppManager_Home\working\apache\tomcat\conf\server.xml file with default keystore values i.e. Path and password of AppManager_Home\working\apache\tomcat\appmanager.keystore.
NOTE: If encryptedKeystorePass key is already present there, update the key name with keystorePass.

If Applications Manager Plugin is accessible via HTTPS protocol but UI is not loaded inside OpManager, follow the steps given below:
  1. You might be using a self-signed certificate or an untrusted domain certificate. Hence, try accessing Applications Manager with HTTPS protocol using the same hostname and port number obtained from the very first step, in a separate tab in the same browser where OpManager is logged in.
  2. Accept the risk warning page and proceed. 
  3. Now logout of OpManager, log in again and check the Applications/Apps tab.

                  New to ADSelfService Plus?

                    • Related Articles

                    • Upgrade guide for OpManager v 12.7 and APM Plugin

                      After downloading the service pack for OpManager and the compatible service pack for Applications Manager Plugin (APM Plugin) to OpManager installed server, start the upgrade process for OpManager and APM Plugin by following the steps below: Note: If ...
                    • Troubleshooting Applications Manager Plugin database migration failure after service pack upgrade of OPM and APM plugin

                      When upgrading OpManager from version 12.6.xxx to 12.7.xxx and updating the APM Plugin to 1651x, particularly when using Postgresql as the backend database, an essential one-time migration occurs. This migration involves moving our backend Postgresql ...
                    • Troubleshooting SSL Handshake Error

                      An SSL Handshake error typically occurs when a secure connection cannot be established due to issues like incompatible SSL protocol versions, ciphers or missing client certificates. Verify URL Accessibility Ensure that the URL you’re monitoring is ...
                    • Disable HTTP access in Applications Manager

                      Overview This article describes configuring a secure connection between Applications Manager server and the browser/client. Applications Manager can be accessed through any of the following URLs: For HTTP  -> http://[hostname/ip-address]:[http-port] ...
                    • Resolving Issues When Onboarding SSL-Enabled MySQL Database Servers

                      Error Message: Connections using insecure transport are prohibited while --require_secure_transport=ON Solution: To overcome this issue follow the steps given below: Execute the following query in the corresponding MySQL shell script: ALTER USER ...