Troubleshooting TLS configuration issues

If there are any TLS configuration issues, the relevant cell service logs do not have related messages to identify the issues.

The following section helps you to enable TLS logs so that the TLS related information is logged in the files:

To enable TLS debug log messages for TrueSight Infrastructure Management

Do the following:

  1. Using a text editor, open and edit the following configuration files:

    Component

    Process

    Configuration file

    TLS debug log file

    TrueSight Infrastructure Management


    JServer

    (Windows and Linux) <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\conf\pnjserver.conf

    Truesight.log

    Rate

    (Windows and Linux) <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\conf\pnrate.conf

    Truesight.log

    Integration Service

    (Windows and Linux) <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\conf\pnagent.conf

    Truesight.log

    pronet_cntl

    (Windows and Linux) <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\conf\pnagentcntl.conf

    Truesight.log

  2. Add the -Djavax.net.debug parameter and set it to ssl as shown in the following code block, and save the files: 

    #Debug -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005
    Option=Debug -XDebug -XNoagent -Djavax.net.debug=ssl -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005
  3. (Applicable only to the Rate process) Run the following command to print the log messages in the <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\logs\debug\rate.log file:
    pw debug on -p rate -s rate

  4. (Applicable only to the Agent Controller process) Run the following command to print the log messages in the <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\logs\debug\pronet_cntl.log file: 

    pw debug on -p pronet_cntl -s pronet_cntl

  5. Restart the JServer, Rate, Integration Service, and pronet_cntl processes. 

    TLS related information and errors will be printed in the <Infrastructure Management Server Installation Directory>\TrueSight\pw\pronto\logs\Truesight.log file.

To enable TLS debug log messages for Publishing Server

  1. Go to the <Infrastructure Management Server Installation Directory>\TrueSight\pw\server\bin directory. 
  2. Using a text editor, open and edit the following file:
    • (Windows) pserver.bat
    • (Linux) pserver.sh

  3. Add the -Djavax.net.debug parameter and set it to ssl in the PS_JVM_ARGS variable as shown in the following code block, and save the file:

    set PS_JVM_ARGS=-Dps=DUMMY -Djava.library.path="%ATRIUM_CMDB_HOME%" -Dorg.apache.activemq.SERIALIZABLE_PACKAGES="*" -Djavax.net.debug=ssl

  4. Restart the pserver process.

    TLS related information and errors will be printed in the <Infrastructure Management Server Installation Directory>\TrueSight\pw\server\tmp\<ps_name>\pserver.out file.

To enable TLS debug log messages for Impact Integration Web Services (IIWS) server

Microsoft Windows

  1. Go to the <IIWS Installation Directory>\Tomcat\bin directory. 
  2. Create a file named setenv.bat.
  3. Add the following line in the setenv.bat file:
    set JAVA_OPTS= -Djavax.net.debug=ssl
  4. Stop the Windows service in the IIWS server.
  5. Go to the <IIWS Installation directory>\Tomcat\bin directory. 
  6. From the command prompt, run the following command to start Tomcat:
    catalina start >  stdout.txt 2>&1
    This command will open a new window and start displaying the SSL log messages.

Linux

  1. Go to the <IIWS Installation Directory>/Tomcat/bin directory.
  2. Create a file named setenv.sh.
  3. Add the following line in the setenv.bat file:
    JAVA_OPTS=' -Djavax.net.debug=ssl '
  4. Stop the IIWS server by running the following command:
    ./BMCImpactWebService stop
  5. Start the IIWS server by running the following command:
    ./BMCImpactWebService start

           The SSL logs will be printed in the <IIWS Installation Directory>/Tomcat/logs/catalina.out file.

To enable TLS debug log messages for TrueSight Presentation Server

  1. Go to the <Presentation Server Installation Directory>\truesightpserver\conf\services directory. 
  2. Open and edit the csr.conf file.

  3. Add the -Djavax.net.debug parameter and set it to ssl as shown in the following code block, and save the file:

    vm.args.system.<number>=-Djavax.net.debug=ssl

  4. Restart the Presentation Server.

    TLS related information and errors will be printed in the <Presentation Server Installation Directory>\truesightpserver\logs\session.stdout file.


Where to go from here

Troubleshooting-a-Presentation-Server-deployment

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*