DX NetOps

Hi,

In Spectrum SPM I have successfully used HTTPS tests until confronted with the webserver with enabled only TLS v1.0, TLS v.1.1, TLS v1.2 protocols. SSL 2, SSL 3 disabled on it for security reasons.

SPM HTTPS test fails with error in jcollector.log:

[LOG_FATAL][2015-05-07 09:59:11][Thread:Thread-27273][Pass #2311]: SSLHandshakeException thrown by the html page download: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

[LOG_CRITICAL][2015-05-07 09:59:11][Thread:Thread-27273][Pass #2311]: [#9458] ERRSRC:https ERRCODE:58 INDEX:9458 NAME: TESTDESC:IPasasX ERROR: jcollector.SATestException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Other https webserver with SSL v3 enabled is monitored with HTTPS test without problems.

Can jcollector monitor webserver with TLS protocols? If it can, how to configure it?

Enviroment:

Spectrum OneClick 9.4.0.0.223

SystemEDGE for Windows 5.8.2

This is actually a known issue. The Service Response AIM in versions prior to 5.8.2 utilize Java 6 still which can only do SSLv3 (no TLS). The latest version of the Service Response AIM changed the Java Runtime Environment to Java 7 (still a version behind but progress is progress) which can support TLSv1, 1.1 and 1.2 in addition to SSLv3.... Unfortunately the jcollector still is not renegotiating the versions correctly (or the code just didn't make it into the 5.9 codebase). I actually have a CA Support case open on this very issue (00044513) which right now has a status of "Preparing Solution" so I'm hopeful I'll be getting a patch or something soon on this.

MattClausen is correct. This is a known issue for which we are still working on a solution.

Please open a support case so we can add you to the "list" and deliver the solution to you once available.

Regards,

Sean

I just got the new jcollector.jar file this week that fixes the issue. If you haven't opened up a support case yet, go ahead and do so since the fix is available now.

Hi everyone,

They know how to say what the name of this fix that was released? I just installed SystemEDGE 5.9 and the error continues.

jcollector.jar that came in SystemEDGE 5.9 was created on February 10, 2015.

Regards

Leandro Oliveira

The fix is not included in 5.9.0 (it'll likely be in 5.9.1 when it comes out). You need to open a support case to get it for the 5.9.0 package.

The fix has not been released publicly yet. As MattClausen mentioned, you'll need to open a support ticket so it can be provided to you.

I have just done and I am waiting now.

Thanks for all.

Once the patch is applied, do I have to redeploy or reinstall the agents?

The patch requires an agent, AdvancedEncryption and SRM upgrade to 5.9 -- if you are not already at that level. Then a updated jcollector.jar and some 3rd party jar files.

If you require the fix, please open a case with support.

Hi Sean,

Currently I have the same problem. issue 00889562
the strange thing about this is that we have the version of core 5.9 and the oneclick console in versions 10.1 for production and 10.2 for laboratory.

[LOG_CRITICAL][2017-11-09 09:33:45][Thread:Thread-4][Pass #4]: [#11756] ERRSRC:https ERRCODE:58 INDEX:11756 NAME: TESTDESC: https//urlpage ERROR: jcollector.SATestException: java.net.SocketTimeoutException: Read timed out

[LOG_CRITICAL][2017-11-09 13:24:44][Thread:Thread-21][Pass #459]: [#15210] ERRSRC:https ERRCODE:58 INDEX:15210 NAME: TESTDESC:https://url page2 ERROR: jcollector.SATestException: java.net.SocketException: Connection reset