DEVTEST 8.2 Registry does not Register with DEV10 ED

Document ID : KB000006572
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

We are trying set up SSL communication between components. We cannot get 8.2 Registry to register with  ED in 10.   Getting    SSL handshake errors as below.    Currently we are using our own keystore to start the Enterprise Dashboard on 8.2.0 version. We are trying to upgrade out ED to 10.0 and the same keystore which works on 8.2 does not work on 10.0. Please help.

 

 

7-04-05 21:29:08,760Z (14:29) [Thread-23] ERROR com.ca.dradis.cic.DradisCicMessageProcessor - CIC Failed sending access event from component 'null' to Enterprise Dashboard. 

13,067Z (14:35) [ActiveMQ Task] INFO System.out - Apr 05, 2017 2:35:13 PM com.itko.activemq.broker.TransportConnector$1 onAcceptError 
2017-04-05 21:35:13,067Z (14:35) [ActiveMQ Task] INFO System.out - SEVERE: Could not accept connection : javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
2017-04-05 21:35:13,079Z (14:35) [Thread-23] ERROR com.itko.lisa.dradis.comm.DradisRestStrategy - Failed sending component 'null', saving to dradis cache. 
2017-04-05 21:35:13,079Z (14:35) [Thread-23] ERROR com.itko.lisa.dradis.comm.DradisRestStrategy - Exception: unexpected end of stream on Connection{localhost:1506, proxy=DIRECT hostAddress=127.0.0.1 cipherSuite=none protocol=http/1.1} (recycle count=0) 
2017-04-05 21:35:13,193Z (14:35) [Thread-23] ERROR com.ca.dradis.cic.DradisCicMessageProcessor - CIC Failed sending access

 

Environment:
DEVTEST 8 , 9, 10
Cause:

Enterprise Dashboard CIC component should use HTTPS to communicate. It turns out there's an additional property called devtest.enterprisedashboard.https.enabled  that tells our internal REST clients whether to use HTTPS or not when communicating with the Enterprise Dashboard web server.


By default, the devtest.enterprisedashboard.https.enabled is set to false which means plain HTTP will be used.
We need to set devtest.enterprisedashboard.https.enabled=true in the local.properties for DevTest 10.0
 

  Enterprise Dashboard CIC log -

2017-04-05 21:35:13,079Z (14:35) [Thread-23] ERROR com.itko.lisa.dradis.comm.DradisRestStrategy - Failed sending component 'null', saving to dradis cache. 
2017-04-05 21:35:13,079Z (14:35) [Thread-23] ERROR com.itko.lisa.dradis.comm.DradisRestStrategy - Exception: unexpected end of stream on Connection{localhost:1506, proxy=DIRECT hostAddress=127.0.0.1 cipherSuite=none protocol=http/1.1} (recycle count=0) 
2017-04-05 21:35:13,193Z (14:35) [Thread-23] ERROR com.ca.dradis.cic.DradisCicMessageProcessor - CIC Failed sending access 


Resolution:

Setting  devtest.enterprisedashboard.https.enabled=true in the local.properties for DevTest 10.0 resolved the issue. 

 

Please see the connection properties needed for  8.2 and 10.0  SSL communication:

For DEVTEST 10.0 :

1. dradis.properties  we added the following properties 

#Enable SSL 
lisa.net.default.protocol=ssl 


dradis.webserver.https.enabled=true 
dradis.webserver.ssl.keystore.location=/opt/mylisa.ks 
dradis.webserver.ssl.keystore.password_enc=33aa310aa4e18c114dacf86a33cee898 
dradis.webserver.ssl.keymanager.password_enc=33aa310aa4e18c114dacf86a33cee898 

lisa.net.keyStore=/app/mykeystore.ks

lisa.net.keyStore.password=password1

 lisa.net.trustStore=/opt/mylisa.ks 
lisa.net.trustStore.password_enc=079f6a3d304a978146e547802ed3f3a4 

 

2. In the local.properties file:

we set devtest.enterprisedashboard.https.enabled=true so that the Enterprise Dashboard CIC component can connect to Enterprise Dashboard using HTTPS.   We shouldn’t need anything else in local.properties if DevTest 10.0 is only used for running Enterprise Dashboard and the CIC component.

 

For DEVTEST 8.2 :

1.       In the local.properties file

lisa.enterprisedashboard.service.url is set to communicate using SSL, like ssl://someHost:2003/EnterpriseDashboard  

# enable https and setup the webserver ssl keystore 

lisa.webserver.https.enabled=true 

lisa.webserver.ssl.keystore.location={{LISA_HOME}}/webserver.jks

lisa.webserver.ssl.keystore.password_enc=9839f65d0802b8cf48da5c1b095a0daa

lisa.webserver.ssl.keymanager.password_enc=c66a6d706fbef96905828231c4680e91

lisa.webserver.port=8443

# should lisa workstation use https when launching the portals?

lisa.portal.use_https=true

lisa.portal.url.prefix=https://

 

#Make all traffic as ssl

lisa.net.default.protocol=ssl

lisa.net.keyStore={{LISA_HOME}}/mykeystore.ks

lisa.net.keyStore.password_enc=c66a6d706fbef96905828231c4680e91

 

#To trust this machine to the server.

lisa.net.trustStore={{LISA_HOME}}/trustStore.ts

 

lisa.net.trustStore.password_enc=9839f65d0802b8cf48da5c1b095a0daa