Troubleshooting BMC Digital Workplace Tomcat
The topic provides information about how to troubleshoot the most common issues related to BMC Digital Workplace Tomcat.
The most common issues are related to Tomcat startup, Tomcat SSL, and updating AR Server References in BMC Digital Workplace Tomcat when the AR Server password has changed. This topic also describes how to update Tomcat when you Clone and Restore BMC Digital Workplace environments.
BMC Digital Workplace main configuration files
File | Location | Configuration |
|---|---|---|
server.xml | <tomcat8.5/>conf/ | The server. xml file is BMC Digital Workplace Tomcat's main configuration file, and is responsible for specifying Tomcat's initial configuration on startup as well as defining the way and order in which Tomcat boots and builds. The file contains configuration details of Tomcat's Connector Ports, Engine (Catalina), and Host name. |
connect-dwp.properties | <tomcat8.5/>external-conf | The connect-dwp.properties file contains BMC Digital Workplace Tomcat properties for connections. Out of the box, this file contains the following connection properties: SMTP Host, cluster configuration, Service Health Subscription Poller. You can also add new properties to this file as directed by BMC Digital Workplace Engineering. |
rsso-agent.properties | <tomcat8.5/>external-conf | The rsso-agent.properties file enables you to define the mapping between the BMC Digital Workplace domain and Remedy Single Sign-On server using the following properties: sso-external-url and sso-service-url. |
sso-sdk.properties | <tomcat8.5/>external-conf | The sso-sdk.properties enables you to define the tenant setting for RSSO. |
logback-dwp.xml | <tomcat8.5/>external-conf | The logback-dwp.xml file enables you to define the logging level for BMC Digital Workplace specific troubleshooting. |
logback.xml | <DWP/DWP/>data-transfer | The logback.xml file enables you to define the logging level for data transfer troubleshooting. |
hosts file | /etc/hosts | The hosts file enables you to configure DNS resolution when no DNS server is in place. |
web.xml | <tomcat8.5/>conf/ | The web.xml file defines the default values for all web applications loaded into this instance of Tomcat. This file enables you to add more security settings as well as enable session persistence on the BMC Digital Workplace application. |
keystore | user defined | The keystore file shows the location of BMC Digital Workplace certificates imported by the administrator. |
java cacerts | /usr/java/latest/lib/security/cacerts | The Java cacerts file shows the location of your imported BMC Digital Workplace Catalog, RSSO, ITSM, SmartIT, and related certs. |
dwp.xml | <tomcat8.5/>/conf/Catalina/localhost | The dwp.xml file provides the BMC Digital Workplace database connection details. |
Tomcat Logs | <tomcat8.5/>/logs | The Tomcat Log files record the details of monitored, processed HTTP traffic (such as the URLs, methods, their status codes and time of execution) in the localhost_access_[date].txt file. |
BMC Digital Workplace Logs | <BMC Digital Workplace Installation>/DWP/DWP/logs | The BMC Digital Workplace Log files contain information such as errors and requests made by the application to the server. Starting with BMC Digital Workplace 19.02, as a MyIT Administrator, you can enable different DEBUG Log Levels from BMC Digital Workplace Admin Console > Configuration > Logging. By default, this Log Level is set to WARN or ERROR. You can set it to DEBUG to capture diagnostic information while troubleshooting BMC Digital Workplace application issues. Important: After you've finished with troubleshooting, revert the Log Level to WARN or ERROR.
|
Diagnosing and reporting an issue
After you identify the symptoms and scope of the issue, use this troubleshooting guide to diagnose and resolve the issue.
Issues/Symptoms | Steps | Reference |
|---|---|---|
Tomcat not starting | Navigate to <tomcat x>/logs directory, and review the following log files. Look for SEVERE and Warning entries to find the root cause of the issue:
Review the BMC Digital Workplace log files in the <BMC Digital Workplace Installation>/DWP/DWP/logs directory and look for ERROR entries. Most of the time the root cause is likely to be:
| Configuring BMC Digital Workplace Logs https://docs.bmc.com/docs/digitalworkplaceadvanced/2002/configuring-logs-908224225.html |
Unable to start BMC Digital Workplace/BMC Digital Workplace Catalog after SSL is enabled, due to the error "PKIX path building failed" under BMC Digital Workplace Enhanced Catalog Section | To fix the error "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target error", follow these steps:
3. Ensure that all BMC Digital Workplace Catalog cluster nodes have the cert imported to the servers. Also import the certs into the cluster nodes for BMC Digital Workplace, AR Server, SmartIT, and RSSO servers. 4. Import the certificate to the cacerts file by using the following commands: Note: This can be Java cacerts or a custom cacerts.
5. Restart all application Tomcat (BMC Digital Workplace Catalog, BMC Digital Workplace, SmartIT) and AR Server services. 6. Clear the browser cache. 7. Log into the BMC Digital Workplace Admin Console and go to Configuration > Enhanced Catalog. 8. Update the BMC Digital Workplace Catalog URL with the correct port and URL values. Note: Repeat for each BMC Digital Workplace Load Balanced URLs by logging into the BMC Digital Workplace Admin console > Configuration > Enhanced Catalog. Update the BMC Digital Workplace Catalog URL with the correct port and URL information from each node. 9. Do the same (update with correct port and URL values) on the AR server's SB:RemoteApprovalConfiguration and Centralized Configuration's com.bmc.itsm.sbe component.
10. Update the Setting Value with the correct values. 11. Click Save. 12. Confirm that you are not getting the error anymore. If you are still getting the error, use SSL Poke to verify connectivity. SSL Poke is a third-party tool that enables you to verify that the cacerts file has the correct certificates added to it to connect securely.
If the connection is successful, you will get a successful message such as "Connection was successful". If the connection failed, you will get more details on the failure, such as:
You will need to resolve the issues identified by SSL Poke for the connection to be successful. For example:
keytool -list -v -keystore keystore.jks
keytool -list -v -keystore keystore.jks -alias mydomain | BMC Digital Workplace Advanced/Basic +SSL Additional resources:
|
Authentication Failed BMC Digital Workplace Catalog Services/Banners are not visible after SSL is enabled. BMC Digital Workplace Catalog loops when service is restarted. | Ensure that you follow these requirements when configuring the BMC Digital Workplace Catalog server files:
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
Jetty-Port: 443 Jetty-Protocol: HTTPS
cat jersey.0.0.log | grep -i ssl at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:426)
./sb/rxscripts/trace.log:1:== Info: About to connect() to xxxxxx port 443 (#0) If the issue is still not resolved, you can add additional logging if needed using the following steps:
The additional logging will be captured in startup_console.log and armonitor.log. | |
Scenario 1. 623 Authentication Failed after Remedy Application Service password was changed. Scenario 2. How to Update AR Server References in BMC Digital Workplace when Remedy Application Password has Changed | The following steps apply to BMC Digital Workplace 18.05 and later: Important: Take a database snapshot prior to modifying anything at the database level. Follow the steps given below when:
Encrypting the Password If the Remedy Application Password has changed, the password needs to be encrypted and updated in the database.
3. Save that encrypted password and use it when updating the AR server password in the database. Updating AR Server references in the database 1. Edit the following files and point them to the new host. Update SQL/Oracle database details as needed.
2. Edit the following file: /opt/apache/tomcat8.5/external-conf/connect-dwp.properties Update the api.token value to the current api.token (if it has changed) and use the same api.token for all your BMC Digital Workplace Servers. 3. Use the steps given below to verify that the BMC Digital Workplace database has the new AR Server host name, port, and password.
Updating AR Server References in BMC Digital Workplace Admin 1. Log in to BMC Digital Workplace Administration and go to Configuration > Providers. 2. Update all Pluggable Providers in /dwp/admin/configuration/features.html with the correct AR Server host name, port number, and credentials where needed. Updating RSSO configuration 1. If using RSSO, edit the RSSO agent files in <apache install directory>/external-conf:
2. Restart the Tomcat servers for the changes to take effect.
|
