3 Replies Latest reply on Dec 7, 2012 9:00 AM by Gurneet Singh Chopra

    BL Console tries to accept 2 certificates when going through VIP

    Gurneet Singh Chopra

      Hi,

       

      We have 2 application servers whcih we manager through VIP. Sometimes, when we try connecting to VIP through BL Console, it tries 2 accept 2 individual certificates from 2 application servers and then throows an error saying:

       

      Your session credentials has been rejected by the server.

       

      How can we manage this?

       

      Thanks,

      Gurneet

        • 1. Re: BL Console tries to accept 2 certificates when going through VIP
          Bill Robinson

          you need to do a couple things:

           

          1 - copy the bladelogic.keystore file from the NSH/br/deployments/_template/ from the 1st appserver to the 2nd, and into all of the folders in NSH/br/deployments/*.  you may need to update blasadmin w/ the correct password for this file.  what versoin of bsa are you using?  there should be a KA on how to do this.

           

          2 - what is in the appserver log when you get the credential rejected?  is the load balancer passing the source ip through the vip ?

          • 2. Re: BL Console tries to accept 2 certificates when going through VIP
            Gurneet Singh Chopra

            Hello Bill,

             

            Its BSA 8.2 SP2. We have file server and database server both on 2 node O.S Cluster.

             

            In the Infrastructure Management section of BL Console, i already see 2 application servers up and running. Do i still need to synchronize the bladelogic.keystore files between 2 application servers?

             

            When the "credential rejected" error comes, i see the following error in the appserver log:

             

            [07 Dec 2012 11:18:40,623] [Authentication-Service-Thread-2] [WARN] [::10.54.82.4] [Appserver] Connection closed by /10.54.82.4:41567 before pre-authentication handshake could be completed.

            [07 Dec 2012 11:18:40,623] [Authentication-Service-Thread-2] [INFO] [::10.54.82.4] [Appserver] Authentication Connection closed

            [07 Dec 2012 11:18:42,729] [Client-Connections-Thread-3] [WARN] [Anonymous:Anonymous:10.54.82.4] [Client] Connection closed by /10.54.82.4:36911 before pre-authentication handshake could be completed.

            [07 Dec 2012 11:18:42,729] [Client-Connections-Thread-3] [WARN] [Anonymous:Anonymous:10.54.82.4] [Client] Error authorizing the connection

            [07 Dec 2012 11:18:42,729] [Client-Connections-Thread-3] [INFO] [Anonymous:Anonymous:10.54.82.4] [Client] Connection disconnecting: id = 50695

            [07 Dec 2012 11:18:45,615] [Authentication-Service-Thread-1] [WARN] [::10.54.82.4] [Appserver] Connection closed by /10.54.82.4:41694 before pre-authentication handshake could be completed.

            [07 Dec 2012 11:18:45,615] [Authentication-Service-Thread-1] [INFO] [::10.54.82.4] [Appserver] Authentication Connection closed

            [07 Dec 2012 11:18:47,721] [Client-Connections-Thread-8] [WARN] [Anonymous:Anonymous:10.54.82.4] [Client] Connection closed by /10.54.82.4:37032 before pre-authentication handshake could be completed.

            [07 Dec 2012 11:18:47,721] [Client-Connections-Thread-8] [WARN] [Anonymous:Anonymous:10.54.82.4] [Client] Error authorizing the connection

            [07 Dec 2012 11:18:47,721] [Client-Connections-Thread-8] [INFO] [Anonymous:Anonymous:10.54.82.4] [Client] Connection disconnecting: id = 50696

             

            -Gurneet

            • 3. Re: BL Console tries to accept 2 certificates when going through VIP
              Gurneet Singh Chopra

              Hi,

               

              Synchronizing bladelogic.keystore file between two app servers helped. Thanks bill.

               

              -Gurneet