02-06-2012 02:46 AM
I have some problems with LMS 4.1. When i switch to https i can't accces
I have these message :
Forbidden
You don't have permission to access /cwhp/LiaisonServlet on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
2 question : the timer of sysolg is not synchronised with the ntp server : when i see the error ( time it's ok) but when i see the same error in the syslog i have a one hour time lag.
Thanks
Red1
02-15-2012 08:45 AM
Hi.
I have the same problem. Any ideas?
02-15-2012 10:28 AM
There is sometimes a problem with the redirecting after you log in. Try to go direcly to this url:
https://
Cheers,
Michel
02-16-2012 02:35 AM
Hi Michel,
Your answer is about https or syslog??
Thank you
Red1
02-16-2012 03:28 AM
Here is recommendation from Cisco TAC. It was perect for me (Cisco Prime LMS for Windows 4.1. Problem: no access to portal after switching to https)
-- Dont forget to start you shell session as Administrator
net stop crmdmgtd
-- Remove server.* files under NMSROOT\MDC\Apache\conf\ssl
NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -disable
NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -enable
-- If the command says something as " Usage ConfigSSL.pl -enable | -disable"
-- Please then try it like this:
-- NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -disable
-- NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -enable
NMSROOT\bin\perl NMSROOT\MDC\Apache\bin\ConfigSSL.pl -disable (only if you do not use SSL https://...)
net start crmdmgtd
-- Ensure that the following files are created under
-- NMSROOT\MDC\Apache\conf\ssl
-- server.crt
-- server.key
-- server.pk8
-- Wait about 15 minutes or so and login again.
02-16-2012 03:48 AM
Thank you very much Vladimir,
I will tray it.
Cdlt
Red1
03-07-2012 10:31 PM
I had a little trouble following Vladimir's response, so I paid attention while the TAC engineer did his thing...
Delete the server.* files as indicated in vlad's post above
at CMD prompt opened as Administrator:
C:\>net stop crmdmgtd
Then
C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -disable
(after hitting enter, message was "SSL is disabled. Restart Daemon Manager to reflect the changes.
Next command was
C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -enable
Output was:
You don't have a private key and/or certificate
*** Running key and certificate generation utility ***
Please enter the following information. It is needed to generate your temporary certificate
Country (2 letter code) :
State or Province (full name):
Locality (eg, city) :
Orgaization (eg, company):
Organization_unit (eg, company):
Host Name (eg, FQDN):
enter email address (eg, your_name@domainname.com):
After hitting enter, the private key and certificate was generated.
net start crmdmgtd
IMPORTANT: It took a good 15 minutes for the services to restart (as Vlad indicates). You can check their status by typing
c:\Program Files (x86)\CSCOpx\bin>pdshow -brief
The TAC engineer said this was how they used to change the https/http login method on previous versions, but now there was a radio button on the Settings page in LMS. Selecting that button is supposed to do what these command lines just did, but they are not. BUG.
08-06-2012 02:13 AM
That works perfectly for me as well....
09-11-2012 02:41 AM
Thanks for that Post.
It also solved my Problem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide