- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- Re: Single Sign on doesn't work after System Manag...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2012 12:46 AM
06-26-2012 12:46 AM
Single Sign on doesn't work after System Management Homepage update
Hi all
We use our HP SIM with a certificate from our CA and distribute this certificate to all of our servers, which are running a SMH.
The SMH trusts by certificate and the SIM server is known as the trusted management server with this certificate. With the SMH versions 6.3.1.24 and 7.0.0.24 it was possible to use the SSO from SIM to acces the SMH. After updating to the newest Version 7.1.1.1 it is no longer possible to use the SSO and I found this errors in the SMHlog:
CRITICAL
Trusted certificate used for SSO is either revoked or SMH failed to verifiy it against CRL
MAJOR
Certificate verification message: uanble_to_get_local_issuer_certificate
WARNING
Secure Task Execution User:auto_generated was DENIED acces to System Management Homepage to invoke target URL=/Proxy/STE
Does anyone know this problem?
Thanks a lot
nik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2012 04:20 AM
06-26-2012 04:20 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi nik,
I know this problem - but not the solution, sorry.
i tried so far to create a new certificate for SIM and even renewed the CA certificate to get rid of a URL with file://... for the CRL.
As far as I can remember HP changed OpenSSL to a newer version with this release of SMH.
jens
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-28-2012 03:02 AM
06-28-2012 03:02 AM
Re: Single Sign on doesn't work after System Management Homepage update
hello nik.
the next thing I tried was to look closer at the new SIM 7.1. There is an option how the agents should check for revoked certificates (e.g. is the CA available for the agents or has the SIM a copy of the CRL).
I installed a complete new SIM 7.1 and a new server with the current agents but had no luck at all to get this working.
So my conclusion for the moment is once more: HP broke it, HP should fix it.
Jens
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-28-2012 05:46 AM
06-28-2012 05:46 AM
Re: Single Sign on doesn't work after System Management Homepage update
hello jens
Thanks for your informations.
I also upgraded to SIM 7.1 and tried to configure the Certificate Revocation Check but the probles is still the same.
I am agree with you about HP....
nik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2012 12:28 AM
07-06-2012 12:28 AM
Re: Single Sign on doesn't work after System Management Homepage update
I've just come across this issue too, after upgrading to SIM 7.1 and updating my servers with SMH 7.1.1.1.
Hugely annoying to not have SSO working for any system now - this needs fixing ASAP HP!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2012 12:42 AM
07-06-2012 12:42 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi,
Just to inform you all that I have no such problems... Have 2 independent SIM environments running with the latest SMH and SIM 7.1 and do not have the SSO problem...
Kr,
Bart
If my post was useful, clik on my KUDOS! "White Star" !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2012 01:02 AM
07-06-2012 01:02 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi Bart,
are you using a CA in these environments and what kind of CA? Are you copying the CRLs to the SIM servers?
Jens
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2012 01:25 AM
07-06-2012 01:25 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi Jens,
No I am not using a separate CA...
Kr,
Bart
If my post was useful, clik on my KUDOS! "White Star" !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2012 05:10 AM
07-09-2012 05:10 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi,
I fixed the problem with the CRL by signing a new SIM Certificate (2048) with my CA.
But the next problem is already here:
The SIM server uses a self-signing certificate (1024) for the SSO and not my new cert from the CA.
Is this a new thing with SIM 7 or why does he take this one?
nik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2012 05:18 AM
07-09-2012 05:18 AM
Re: Single Sign on doesn't work after System Management Homepage update
Hi,
did you changed to SIM certificate or the SMH certificate of the SIM server?
SIM certificates must be changed in SIM (Options / Security / HP Systems Insight Manager Server Certificate) using the button "Import" where you can create a new request and import it later.
After import the SIM has to be rebooted.
I also tried to generate a new CA signed certificate for the SIM (and even setting up a complete new SIM) but had no luck...
Jens