Below are items to check:
Item 1) See if the same App Visibility Portal can connect from a different TSPS (if available). This should indicate that the problem is only on the TSPS side.
Item 2) Is the App Visibility Portal and TSPS using the BMC out-of-the-box security certificates or custom security certificates? If using the BMC out-of-the-box security certificates then the connection between TSPS and App Visibility Portal should be successful.
Item 3) Ensure the App Visibility Portal certificates related files and configurations are in place and with the correct default out-of-the-box configurations. Check if customer is using LB certificates and ask to validate are working.
See below for the steps:
Step 1. Under TSPS_HOME, open conf\secure directory and make sure the App Visibility out-of-the-box security certificate files are there. The out-of-the-box key store file is called adopskeystore.jks, and the out-of-the-box trust store file is called adopstruststore.jks.
Step 2. Under TSPS_HOME, open Conf directory and ensure both files called appVisCertificates.xml and appVisCertificates.xsd are present
Step 3. Open "appVisCertificates.xml" and make sure the default configuration is in place. It should look as follows:
<?xml version="1.0" encoding="UTF-8"?>
<config>
<default-certificate path="conf/secure/adopskeystore.jks" password="YZ22D+YsakY=" truststorePath="conf/secure/adopstruststore.jks"/>
<!-- example for configuration with custom tenant certificate. Custom certificates that are stored under TSPS home directory must be located under conf/secure/appVisScecure directory and configured with relative path-->
<!--tenant-certificate tenant="BmcRealm" path="conf/secure/appVisSecure/keystore.jks" password="YZ22D+YsakY=" truststorePath="conf/secure/appVisSecure/truststore.jks"/-->
</config>
Step 4. Make sure the TSPS and App Visibility certificates related properties are configured correctly.
Run the following tssh command from a command line (from the bin directory under the TSPS_HOME):
tssh properties list
In the results list, ensure the following properties are present with the default values:
PropertyName = tsps.appvis.truststore.filename
PropertyValue = adopstruststore.jks
PropertyName = tsps.appvis.truststore.password
PropertyValue = qwerty
Item 4) Review the file called TrueSight.log on the TrueSight Presentation Server. If this log has the following registration error messages:
---------- Start of registration error message ----------
DEBUG 09/03 13:36:33.296 [ComponentPing_2] c.b.t.p.e.c.m.t.ComponentManagementPingTask Performing heartbeat for [ <hostname>, status : REGISTRATION_ERROR, Id : 9 ]
ERROR 09/03 13:36:33.296 [ComponentPing_2] c.b.t.p.u.r.AppVisTenantCertConfigLoader BMC_TS-AV000158E AppVisTenantCertConfigLoader.getCertificateInfo(): Cannot locate default or custom certificate configuration for the <Tenant_Name> tenant in the App Visibility certificates file, appVisCertificates.xml. {}
INFO 09/03 13:36:33.296 [ComponentPing_2] c.b.t.p.e.c.m.t.ComponentManagementPingTask heartbeat for component [ <hostname>, status : REGISTRATION_ERROR, Id : 9 ] is failed
---------- End of registration error message ----------
These error message indicates that the security certificate details were not configured correctly in appVisCertificates.xml for tenant. Once the configuration details are corrected in the appVisCertifiactes.xml file, and the TSPS has been stopped and restarted then you can add the App Visibility Portal again.
If the above items are verified then below are steps to debug the issue:
Step 1) Enable debug on the App Visibility Portal by opening the Windows Explorer, and navigate to the %ADOPSSERVER_HOME%\portal\properties directory. Make a backup of the portal.properties file.
Step 2) Edit the original portal.properties and search for the following line:
log4j.write.ssl.logs = false
Step 3) Change the value from false to true like the following:
log4j.write.ssl.logs = true
Step 4) Save the file
Step 5) Stop and restart the App Visibility Portal
Step 6) Enable debug logging on the TSPS by navigating to the \BMC Software\TrueSightPServer\truesightpserver\bin directory from a command prompt
Step 7) Execute all of the following commands:
tssh logger debug on -n ROOT
tssh logger debug on -n RestServiceAudit
tssh logger debug on -n TS_DEFAULT
tssh logger debug on -n com.bmc.truesight.platform
tssh logger debug on -n com.bmc.truesight.rest.formatter.GenericMessageFormatHandler
tssh logger debug on -n com.bmc.tsps.common.services
tssh logger debug on -n org.jnp.interfaces.NamingContext
Step 8) Reproduce the issue by registering the App Visibility Portal from the TSPS console
Note: The additional VERBOSE should expose what's wrong with Certificate, or configuration, or something else.
Step 9) After the issue is reproduced, send the following items:
Item 1) From the App Visibility Portal:
- Generate a Z&D file from the App Visibility Portal console or provide all of the files in the \BMC Software\App Visibility\portal\logs directory
- Send all of the files from the \BMC Software\App Visibility\portal\properties directory
- Send all of the files from the \BMC Software\App Visibility\portal\security directory
Item 2) From the TSPS server:
- Send all of the files from the \BMC Software\TrueSightPServer\truesightpserver\logs directory
- Send all of the files from the \BMC Software\TrueSightPServer\truesightpserver\conf directory
Step 10) Stop the App Visibility Portal
Step 11) Disable the debug back to the original values in App Visibility Portal, and stop and restart the App Visibility Portal
Step 12) Disable the debug logging on the TSPS by executing the following commands from the \BMC Software\TrueSightPServer\truesightpserver\bin directory:
tssh logger debug off -n ROOT
tssh logger debug off -n RestServiceAudit
tssh logger debug off -n TS_DEFAULT
tssh logger debug off -n com.bmc.truesight.platform
tssh logger debug off -n com.bmc.truesight.rest.formatter.GenericMessageFormatHandler
tssh logger debug off -n com.bmc.tsps.common.services
tssh logger debug off -n org.jnp.interfaces.NamingContext