Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

LMS 4.1 https/syslog

I have some problems with LMS 4.1. When i switch to https i can't accces

I have these message :

Forbidden

You don't have permission to access /cwhp/LiaisonServlet on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

2 question : the timer of sysolg is not synchronised with the ntp server : when i see the error ( time it's ok) but when i see the same error in the syslog i have a one hour time lag.

Thanks

Red1

  • Network Management
8 REPLIES
New Member

LMS 4.1 https/syslog

Hi.

I have the same problem. Any ideas?

LMS 4.1 https/syslog

There is sometimes a problem with the redirecting after you log in. Try to go direcly to this url:

https:///cwportal/group/lms/lms-monitoring

Cheers,

Michel

New Member

LMS 4.1 https/syslog

Hi Michel,

Your answer is about https or syslog??

Thank you

Red1

New Member

LMS 4.1 https/syslog

Here is recommendation from Cisco TAC. It was perect for me (Cisco Prime LMS for Windows 4.1. Problem: no access to portal after switching to https)

-- Dont forget to start you shell session as Administrator

net stop crmdmgtd

-- Remove server.*  files under NMSROOT\MDC\Apache\conf\ssl

NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -disable

NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -enable

-- If the command says something as " Usage ConfigSSL.pl -enable | -disable"

-- Please then try it like this:

--  NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -disable

--  NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -enable

NMSROOT\bin\perl NMSROOT\MDC\Apache\bin\ConfigSSL.pl -disable (only if you do not use SSL https://...)

net start crmdmgtd

-- Ensure that the following files are created under

--   NMSROOT\MDC\Apache\conf\ssl

--   server.crt

--   server.key

--   server.pk8

-- Wait about 15 minutes or so and login again.

New Member

LMS 4.1 https/syslog

Thank you very much Vladimir,

I will tray it.

Cdlt

Red1

New Member

Re: LMS 4.1 https/syslog

I had a little trouble following Vladimir's response, so I paid attention while the TAC engineer did his thing...

Delete the server.* files as indicated in vlad's post above


at CMD prompt opened as Administrator:

C:\>net stop crmdmgtd

Then

C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -disable
(after hitting enter, message was "SSL is disabled.  Restart Daemon Manager to reflect the changes.

Next command was
C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -enable

Output was:
You don't have a private key and/or certificate

*** Running key and certificate generation utility ***

Please enter the following information.  It is needed to generate your temporary certificate

Country (2 letter code) :
State or Province (full name):
Locality (eg, city) :
Orgaization (eg, company):
Organization_unit (eg, company):
Host Name (eg, FQDN):
enter email address (eg, your_name@domainname.com):

After hitting enter, the private key and certificate was generated.


net start crmdmgtd

IMPORTANT:  It took a good 15 minutes for the services to restart (as Vlad indicates).  You can check their status by typing

c:\Program Files (x86)\CSCOpx\bin>pdshow -brief

The TAC engineer said this was how they used to change the https/http login method on previous versions, but now there was a radio button on the Settings page in LMS.  Selecting that button is supposed to do what these command lines just did, but they are not.  BUG.

New Member

LMS 4.1 https/syslog

That works perfectly for me as well....

New Member

LMS 4.1 https/syslog

Thanks for that Post.

It also solved my Problem

2210
Views
0
Helpful
8
Replies