Applications Manager Plugin not accessible after enabling SSL in OpManager

Applications Manager Plugin not accessible after enabling SSL in OpManager

Try accessing the Applications Manager Plugin separately using HTTPS protocol in a separate browser in incognito mode.
To do that, you will need the hostname and port number of Applications Manager. To find the same, click here.

If Applications Manager Plugin is not at all accessible using the HTTPS port, follow the instructions given below:
  1. If SSL is enabled in OpManager i.e. to use HTTPS instead of HTTP, APM Plugin will automatically refer to OpManager's keystore.
  2. Ensure that Applications Manager's server.xml file under <Applications Manager Home>\working\apache\tomcat\conf directory has the keystoreFile value as the absolute file path of OpManager's keystore.
    Note: If SSL is enabled in OpManager,  OpManager's Keystore and Truststore path will be read from system_properties.conf file located under the <OpManager_Home>/conf directory.
    Example:
    javax.net.ssl.trustStore=conf/itom.truststore where itom.truststore is present under the <OpManager_Home>/conf directory.
    javax.net.ssl.keyStore=conf/itom.keystore where itom.keystore is present under the <OpManager_Home>/conf directory.
  3. If connector tag specific to SSL Configuration in server.xml file has keystoreType key, verify its value. (i.e.) the File type given in the keystoreFile should belong to the value of the keystoreType.
    Note: Based on the KeyStore file's type, the value for KeyStore type may vary:
    For eg. keystoreFile="C:\Endeca\MDEXEngine\workspace\etc\eneCert.p12"   keystoreType="PKCS12"
  4. If you want to use your own Keystore, follow the steps given:
    Connect to the Applications Manager's database and execute the below query:
    UPDATE AM_GLOBALCONFIG SET VALUE = 'true' WHERE NAME = 'Plugin_CustomiseSSLConfiguration';
    Using your own Keystore:
         * Paste your Keystore file's absolute path as value for keystorePath in Applications Manager's server.xml under <Applications Manager Home>\working\apache\tomcat\conf\backup directory.
         * Enter your keystore password as value for keystorePass in server.xml under <Applications Manager Home>\working\apache\tomcat\conf\backup directory

    Importing certificate to Applications Manager Plugin's default Keystore
    Follow the steps given in this KB to import your own certificate to Applications Manager Plugin's keystore.
    Note: Ensure that you update Keystore path and password in AppManager_Home\working\apache\tomcat\conf\server.xml file with default keystore values i.e. Path and password of AppManager_Home\working\apache\tomcat\appmanager.keystore.
NOTE: If encryptedKeystorePass key is already present there, update the key name with keystorePass.

If Applications Manager Plugin is accessible via HTTPS protocol but UI is not loaded inside OpManager, follow the steps given below:
  1. You might be using a self-signed certificate or an untrusted domain certificate. Hence, try accessing Applications Manager with HTTPS protocol using the same hostname and port number obtained from the very first step, in a separate tab in the same browser where OpManager is logged in.
  2. Accept the risk warning page and proceed. 
  3. Now logout of OpManager, log in again and check the Applications/Apps tab.

                  New to ADSelfService Plus?