StoreVirtual Storage

Updates check from CMC not working anymore

 
SOLVED
Go to solution
LF1UK
Occasional Contributor

Updates check from CMC not working anymore

Checking for updates or view notifications in CMC doesn't work anymore. Last working check was few weeks ago. The HTTPS address CMS is using for checking news is https://downloads.hpe.com/pub/StoreVirtual/CMC/
but is shows:

Forbidden

You don't have permission to access /pub/StoreVirtual/CMC/ on this server.

Can HPE restore the access? StoreVirtual licences are still under valid support contract.

20 REPLIES 20
oppemarc
Occasional Visitor

Re: Updates check from CMC not working anymore

I have the same Problem cant update my Systems!

Rachna-K
HPE Pro

Re: Updates check from CMC not working anymore

@oppemarc

There is an issue with the Certificates. We nee to add and update them manually.

Request you to raise a ticket with the Support for the same. 


Regards,
Rachna K
I am an HPE Employee

Accept or Kudo




Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company
Rachna-K
HPE Pro

Re: Updates check from CMC not working anymore

@LF1UK 

We need to add the Certificates manually. Please have a ticket raised with the Support. 


Regards,
Rachna K
I am an HPE Employee

Accept or Kudo




Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company
GFGAdmin
Occasional Advisor

Re: Updates check from CMC not working anymore

I have manually added the CA and the downloads.hpe.com certificate to the keystore using the import function from keytool.

This did not resolve the issue. 

Please advise. 

Serverparken
Occasional Advisor

Re: Updates check from CMC not working anymore

Same problem here. Please fix this HPE - or publish the solution somewhere.

Rachna-K
HPE Pro

Re: Updates check from CMC not working anymore

@GFGAdmin @Serverparken 

There is a digital certificate issue with the CMC and we have a workaround.

Please log a Case with the Support and we can assist you to perform the workaround. 


Regards,
Rachna K
I am an HPE Employee

Accept or Kudo




Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company
Serverparken
Occasional Advisor

Re: Updates check from CMC not working anymore

@Rachna-K  - Well, I suppose a lot of customers are having the same problem, so I would suggest that you instead publish the solution here in the forums...

GFGAdmin
Occasional Advisor

Re: Updates check from CMC not working anymore

@Serverparken 

Completely agreed.  

@Rachna-K 

To say 'we know we broke it, open a ticket so we can fix it' seems a little disingenuous.  If it broke, and HPE knows they broke it, then they should come out and state the fix.

Rachna-K
HPE Pro

Re: Updates check from CMC not working anymore

@Serverparkenand @GFGAdmin

 

I understand. I was waiting for an official Advisory on this which will be released soon.

 

Please find below the workaround:

 

We need to install new DigiCert Public SSL Intermediate Certificates (SHA1) certificates on

  • Host machine where CMC is installed.
  • CMC Java runtime environment

 

DigiCert Certificate installation and import steps:

 

Step 1:  Login to Windows host where CMC is installed and make sure that internet connection is working properly on the same host.

 

Step 2: Download the new DigiCert certificate from below hyperlink.

New DigiCert Public SSL Intermediate Certificates under SHA1 Root

DigiCert TLS RSA SHA256 2020 CA1 (binary or DER)

 

Step 3:  Copy downloaded certificate “DigiCertTLSRSASHA2562020CA1.cer” into CMC installation directory (“C:\Program Files (x86)\HPE\StoreVirtual\UI\jre\bin”) and try to install it in machine (double click on certificate and install in windows host)

 

Double click on the Certificate to install on machine.

 

Click on ‘Install Certificate’

 

Click on “Next”

 

Click "OK" once the Import is successful.

 

 

Step 4: Open a command prompt in same directory path (“C:\Program Files (x86)\HPE\StoreVirtual\UI\jre\bin”) where CMC is installed.

 

Step 5: Run below keytool command to import the downloaded DigiCert certificate in JRE security which is used by CMC.

                             

keytool –importcert –trustcacerts –alias <ALIASNAME> -file <PATH_TO_FILENAME_OF_THE_INSTALLED_CERTIFICATE> -keystore <PATH_TO_CACERTS_FILE> -storepass changeit

 

How to verify whether the imported certificate is added into ‘cacerts’ or not?

               Run below keytool command to verify :-

               keytool -list -keystore <PATH_TO_CACERTS_FILE> -alias <ALIASNAME>

 

(Enter keystore password: changeit )

 

Step 6: Close the CMC application instances and relaunch it again.

 

Step 7: Try to download the latest ‘upgrades.xml’ file thru CMC.


Regards,
Rachna K
I am an HPE Employee

Accept or Kudo




Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company