Communication error from the App Visibility agent for .NET to the server
On Windows Server 2012, the App Visibility agent for .NET log file, installationDirectory\BMC Software\App Visibility\Agent for .NET\logs\current.log, occasionally shows an error in communication with the App Visibility portal or collector.
Sample error
06:15:21.636 1656: 5872 NOTICE AgentCore::ExternCommLayer::CollectorTask<struct AgentCore::RequestInstance const >::execute(): Task executed with exception, call callback with exception info for processing; ex: AgentCore::ExternCommLayer::HttpException{message: `SendRequest failed. Destination info: HttpDestRequest
{host: L`<hostName>’, port: 8200, proxy: L`', proxyPort: 0}
, security info: HttpSecurityInfo
{securityLevel: 3(secure - encrypted and authenticated), certificationHint: 0(self signed)}
: The buffers supplied to a function was too small. (error code: 2148074273/0x80090321)'}; agentcore\externcommlayer\collectorproxy\collectorproxy.cpp(56); /AgentCore/ExternCommLayer/CollectorProxy
Issue
Sometimes, communication fails between the App Visibility agent for .NET and the App Visibility portal or collector.
Probable cause
An open issue with Microsoft exists, where the TLS handshake intermittently fails for the DHE-RSA key exchange.
Resolution
Perform one of the following procedures:
- To remove the DHE ciphers from the property for the portal and collector
- To remove the TLS 1.2 protocol from the portal and collector properties files
To remove the DHE ciphers from the tomcat.ciphers property for the portal and collector
- Stop the App Visibility portal collector services.
- Open the properties file for each component in a text editor:
- Portal: portal_installationDirectory\portal\properties\portal.properties
- Each collector:collector_installationDirectory\collector\properties\collector.properties
- In each component property file, remove the DHE ciphers from the tomcat.ciphers property:
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_SHA256
- TLS_DHE_RSA_WITH_AES_128_SHA
- TLS_DHE_DSS_WITH_AES_128_SHA256
- TLS_DHE_RSA_WITH_AES_256_SHA256
- TLS_DHE_DSS_WITH_AES_256_SHA
- TLS_DHE_RSA_WITH_AES_256_SHA
- Start the services.
To remove the TLS 1.2 protocol from the portal and collector properties files
- For the App Visibility portal and collector, open the properties files:
- Portal: portal_installationDirectory\properties\portal.properties
- Each collector: collector_installationDirectory\properties\collector.properties
- In each component property file, copy the tomcat.ssl.enabled.protocols property.
- Comment out one copy (add a hash tag # character to the beginning of the line), creating a commented reference.
- Remove the TLSv1.2 value from the non-commented property:
tomcat.ssl.enabled.protocols = SSLv2Hello,TLSv1,TLSv1.1 - Save the property file.
- Restart the server component service.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*