Appreciations accepted

Vladlen Litvinov, the author: If you have some job offer for me, I'm ready to discuss it. View Vladlen Litvinov's profile on LinkedIn


Wednesday, December 3, 2014

SSL does not work in a BPM 8.5.5 configuration with on-demand router

I created BPM 8.5.5 environment, transformed it into a dynamic cluster, created on demand router (ODR), and published its plugin-cfg.xml on my web server as it is written in IBM Knowledge Center.
I can open BPM portals, ODR works, but only through http protocol. https does not work. What to do?

Following the guide, you need copy plugin-cfg.xml from ODR profile to the folder of web server plugin config. This file is created or changed during ODR restart.

First of all, look here:

            <Property Name="keyring" Value="/opt/bpm855/profiles/ODR01/etc/plugin-key.kdb"/>
            <Property Name="stashfile" Value="/opt/bpm855/profiles/ODR01/etc/plugin-key.sth"/>

The properties point to the keystore files but these files do not exist in this location.
So you must edit the file or copy the files to the specified folder (if it possible).

But https still does not work. Then I looked through the logs. In http_plugin.log I found: 

[01/Dec/2014:22:30:42.10684] 000014c3 e0d64b10 - ERROR: ws_transport: transportInitializeSecurity:security library not found. PluginInstallRoot is not defined.
[01/Dec/2014:22:30:42.10686] 000014c3 e0d64b10 - ERROR: ws_server: serverAddTransport: Failed to initialize security. Secure transports are not possible.
[01/Dec/2014:22:30:42.10686] 000014c3 e0d64b10 - ERROR: ws_server: serverAddTransport: HTTPS Transport is skipped. IMPORTANT: If a HTTP transport is defined, it will be used for communication to the application server.

It is clear. ODR does not create the necessary property in plugin-cfg.xml.
So you have to add this string manually under <config> tag:

   <Property Name="PluginInstallRoot" Value="/opt/IBM/WebSphere/Plugins" />

Everything works but I think it is a real trouble. 

No comments:

Post a Comment