OpenAPI with SSL configured in CA Performance Center SSO

Document ID : KB000057034
Last Modified Date : 14/02/2018
Show Technical Document Details

With the new r2.5 CA Performance Center (CAPC) release there is now the fully supported OpenAPI tool.

These are powerful tools and are great additions to the product.

If you are running an upgraded CAPC system that was running SSL, you may find that OpenAPI shows an error when it attempts to communicate with the CAPC host from the Data Aggregator (DA), where OpenAPI is launched from.

The common error observed is an HTTP 500 error.

HTTP ERROR 500

Problem accessing /sso/sign-in.jsp. Reason:

    Could not send Message.

Caused by:

javax.xml.ws.WebServiceException: Could not send Message.

      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)

      at com.sun.proxy.$Proxy61.getProperty(Unknown Source)

      at org.apache.jsp.sign_002din_jsp._jspService(org.apache.jsp.sign_002din_jsp:167)

      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)

      at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)

      at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403)

      at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)

      at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)

      at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)

      at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:648)

      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1336)

      at com.ca.im.portal.common.web.security.RequestFilter.doFilter(RequestFilter.java:26)

      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1307)

      at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:453)

      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)

      at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:534)

      at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)

      at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1072)

      at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:382)

      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)

      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1006)

      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)

      at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)

      at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)

      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)

      at org.eclipse.jetty.server.Server.handle(Server.java:365)

      at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:485)

      at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:926)

      at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:988)

      at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:635)

      at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)

      at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)

      at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)

      at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)

      at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)

      at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)

      at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)

      at java.lang.Thread.run(Unknown Source)

Caused by: java.net.ConnectException: ConnectException invoking http://127.0.0.1:8181/pc/center/webservice/sso?WSDL: Connection refused

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
 at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
 at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
 at java.lang.reflect.Constructor.newInstance(Unknown Source)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1453)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1438)
 at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
 at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:650)
 at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
 at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
 at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:461)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:364)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:317)
 at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
 at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
 ... 37 more
Caused by: java.net.ConnectException: Connection refused
 at java.net.PlainSocketImpl.socketConnect(Native Method)
 at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
 at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
 at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
 at java.net.SocksSocketImpl.connect(Unknown Source)
 at java.net.Socket.connect(Unknown Source)
 at sun.net.NetworkClient.doConnect(Unknown Source)
 at sun.net.www.http.HttpClient.openServer(Unknown Source)
 at sun.net.www.http.HttpClient.openServer(Unknown Source)
 at sun.net.www.http.HttpClient.<init>(Unknown Source)
 at sun.net.www.http.HttpClient.New(Unknown Source)
 at sun.net.www.http.HttpClient.New(Unknown Source)
 at sun.net.www.protocol.http.HttpURLConnection.getNew/beanttpClient(Unknown Source)

 

The common cause for this is that the Data Aggregator is not aware of the appropriate ports to contact the CAPC host with.

There is a new step in the SSL configuration for CAPC and the DA introduced in the 2.5 release. If that step is missed it will cause these HTTP 500 errors. It is easy to overlook this step if post r2.5 upgrade your SSL implementation continues to function giving no strong reason to review the SSL configuration documentation for the new release.

The new steps involved a new file on the CAPC host. It is the CADataAggregator.xml file and is found in: the directory:

/opt/CA/PerformanceCenter/sso/webapps/sso/configuration/

The changes necessary in that file are:

     Replace the <Scheme> and <Port> values for SingleSignOnWebServiceUrl with settings appropriate for SSL (Do not change values for SignInPageProductDefaultUrl)

For more details the new step is further documented in (as of the time this is written) steps 18 and 19 in the CAPC SSL configuration documentation in the CAPC documentation Wiki. It can be found here:

https://wiki.ca.com/display/CAPM250/Configure+CA+Performance+Center+to+Use+HTTPS