This topic describes the issues that you might encounter when accessing or using the BMC Helix Intelligent Integrations on-premises gateway.
| Issue Symptom | Issue cause | Troubleshooting |
|---|
The following error message is displayed when you access the BMC Helix Intelligent Integrations on-premises gateway UI: 400 error: This page isn't working. In addition, the swp-authproxy container logs contain one of the following error messages: No valid user identifier was found, redirecting to the RSSO Server. Or, Could not communicate to the RSSO Server
javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
at java.net.http/jdk.internal.net.http.HttpClientImpl.send(Unknown Source) ~[java.net.http:na]
at java.net.http/jdk.internal.net.http.HttpClientFacade.send(Unknown Source) ~[java.net.http:na]
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty | This issue occurs if authentication is enabled for the on-premises gateway. | Make sure that the OAuth client is registered correctly. For more information, see Setting up authentication for the on-premises gateway. |
The following error message is displayed when you access the BMC Helix Intelligent Integrations on-premises gateway UI for which authentication is enabled: 400 error: This page isn't working. In addition, the swp-authproxy container logs contains an error message similar to the following: Could not communicate to the RSSO Server
Caused by: java.nio.channels.UnresolvedAddressException: null
at java.base/sun.nio.ch.Net.checkAddress(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.Net.checkAddress(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.checkRemote(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.SocketChannelImpl.connect(Unknown Source) ~[na:na] | This issue occurs if authentication is enabled for the on-premises gateway. | To resolve the issue, perform the following steps: - Check if any proxy or firewall is present between the on-premises gateway host and BMC Helix platform.
Interception by the proxy or firewall could lead to invalid SSL certificates. - Disable the proxy or firewall.
- Obtain the SSL certificates from the BMC Helix platform deployment again.
- Import the certificates again.
For instructions, see Task 2: To import SSL certificates into the on-premises gateway. - Enable the proxy or firewall.
|
You experience the following issues when using the BMC Helix Intelligent Integrations on-premises gateway: - Unable to view the existing connectors
- Unable to add a source or destination
In addition, the container logs contain one of the following error messages: - The swp-mediator container logs
Access denied: bad token, serviceName: mediator, token: Some(*****), uri: /api/mediator/v3/origins/retrieve/all, errors: Bad JWT: failed to get permission using ims-sdk, url http://helix-abc.com/, error: com.bmc.ade.ims.exceptions.IMSTokenException: java.util.concurrent.ExecutionException: com.bmc.ade.ims.exceptions.IMSTokenException: org.apache.http.conn.HttpHostConnectException: Connect to helix-abc.com:80 [helix-abc.com/172.16.189.xxx] failed: Operation timed out
com.lightbend.lagom.scaladsl.api.transport.PolicyViolation: User not authenticated - The swp-authproxy container logs
18-06-25 07:53:14.501 UTC [O-1 I/O-13] DEBUG io.undertow.request.error-response.debugf():
Setting error code 500 for exchange HttpServerExchange{ GET /swpui/api/mediator/v3/destinations/retrieve/all}
java.lang.RuntimeException: null
at io.undertow.server.HttpServerExchange.setStatusCode(HttpServerExchange.java:1491) ~[authproxy.jar:na]
at io.undertow.server.handlers.proxy.ProxyHandler$ResponseCallback.completed(ProxyHandler.java:724) ~[authproxy.jar:na]
at io.undertow.server.handlers.proxy.ProxyHandler$ResponseCallback.completed(ProxyHandler.java:702) ~[authproxy.jar:na]
at io.undertow.client.http.HttpClientExchange.setResponse(HttpClientExchange.java:125) ~[authproxy.jar:na]
at io.undertow.client.http.HttpClientConnection$ClientReadListener.handleEvent(HttpClientConnection.java:670) ~[authproxy.jar:na]
at io.undertow.client.http.HttpClientConnection$ClientReadListener.handleEvent(HttpClientConnection.java:535) ~[authproxy.jar:na]
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) ~[authproxy.jar:na]
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) ~[authproxy.jar:na]
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) ~[authproxy.jar:na]
at org.xnio.nio.WorkerThread.run(WorkerThread.java:591) ~[authproxy.jar:na]
18-06-25 07:53:14.501 UTC [O-1 I/O-13] DEBUG client.http.HttpClientExchange.terminateResponse():
response terminated for request to swp-ui/172.18.0.xx:7555/swpui/api/mediator/v3/destinations/retrieve/all
This issue occurs when the on-premises gateway can't communicate with Identity Management System (IMS) due to a failed connection. | This issue occurs if authentication is enabled for the on-premises gateway. | To resolve this issue, set the required communication protocol between the on-premises gateway and IMS by using the USE_HTTPS_IMS_URL parameter: - Stop the container services by using the following commands:
- docker-compose service
docker-compose down - podman-compose service
podman-compose down
- Navigate to the /IIGateway_INSTALL_DIR/hii directory.
- Open the docker-compose.yaml or podaman-compose.yaml file with an editor.
- Locate the mediator > environment section and search for the USE_HTTPS_IMS_URL parameter.
- Set the value of the parameter:
- true: The HTTPS protocol is used for communication,
- false (default): The HTTP protocol is used for communication
- Save and close the file.
- Start the container services by using the following commands:
docker-compose service:
docker-compose up -d podman-compose service:
podman-compose -f podman-compose.yaml up -d
|
| Rapid growth of log files in the on-premises gateway installation directory might lead to disk space issues. | Logging is enabled even during normal operations. | Enable logging only when you are troubleshooting issues; otherwise, keep it disabled. Perform the following steps to disable the logging: - On the on-premises gateway server, open the /<IIGateway_INSTALL_DIR>/hii/conf/neo-logging.yaml file by using a text editor.
- Set the rootLevel attribute to info:
rootLevel: info - For each connection instance on the BMC Helix Intelligent Integrations UI, click Configure Mediator
 on the SOURCES panel. - For each data type, on the COLLECTOR CONFIGURATION and DISTRIBUTOR CONFIGURATION tabs, toggle Edit JSON.
- Set the values of the logging parameters (if present) to false, as shown in the following example:
- "logResponses": false
- "logRequests": false
- "logging": false
- Click Save.
- Toggle Edit JSON.
- Click SAVE & CLOSE.
- Repeat steps from 3 to 8 for the destination on the DESTINATIONS panel.
- Restart the container services by using the following commands:
- docker-compose service
docker-compose down
docker-compose up -d - podman-compose service
podman-compose down
podman-compose -f podman-compose.yaml up -d
|
BMC Helix applications stop receiving events, metrics, or topology data from third-party products. And the swp-mediator container logs contain the following error message: Posting Resource Exhausted event: Java heap space | JVM tried to allocate memory on the Java heap, and there wasn’t enough free heap. | To resolve the issue, increase the JVM max heap size: - Stop the container services by using the following commands:
- docker-compose service
docker-compose down - podman-compose service
podman-compose down
- On the on-premises gateway server, open the /<IIGateway_INSTALL_DIR>/hii/conf/swp_jvm.ini file by using a text editor.
- Locate the attribute starting with -J-Xmx, for example, -J-Xmx4G
- Increase the heap max size of the attribute. For example, update it to -J-Xmx16G.
If you still see the Java heap space error, increase the max heap size further. - Start the container services by using the following commands:
docker-compose service:
docker-compose up -d podman-compose service:
podman-compose -f podman-compose.yaml up -d
|
