I have some problems with LMS 4.1. When i switch to https i can't accces
I have these message :
You don't have permission to access /cwhp/LiaisonServlet on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
2 question : the timer of sysolg is not synchronised with the ntp server : when i see the error ( time it's ok) but when i see the same error in the syslog i have a one hour time lag.
There is sometimes a problem with the redirecting after you log in. Try to go direcly to this url:
Here is recommendation from Cisco TAC. It was perect for me (Cisco Prime LMS for Windows 4.1. Problem: no access to portal after switching to https)
-- Dont forget to start you shell session as Administrator
net stop crmdmgtd
-- Remove server.* files under NMSROOT\MDC\Apache\conf\ssl
NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -disable
NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -enable
-- If the command says something as " Usage ConfigSSL.pl -enable | -disable"
-- Please then try it like this:
-- NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -disable
-- NMSROOT\bin\perl NMSROOT\MDC\Apache\perl ConfigSSL.pl -enable
NMSROOT\bin\perl NMSROOT\MDC\Apache\bin\ConfigSSL.pl -disable (only if you do not use SSL https://...)
net start crmdmgtd
-- Ensure that the following files are created under
-- Wait about 15 minutes or so and login again.
I had a little trouble following Vladimir's response, so I paid attention while the TAC engineer did his thing...
Delete the server.* files as indicated in vlad's post above
at CMD prompt opened as Administrator:
C:\>net stop crmdmgtd
C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -disable
(after hitting enter, message was "SSL is disabled. Restart Daemon Manager to reflect the changes.
Next command was
C:\Program Files (x86)\CSCOpx\MDC\Apache>C:\Progra~2\CSCOpx\bin\perl.exe ConfigSSL.pl -enable
You don't have a private key and/or certificate
*** Running key and certificate generation utility ***
Please enter the following information. It is needed to generate your temporary certificate
Country (2 letter code) :
State or Province (full name):
Locality (eg, city) :
Orgaization (eg, company):
Organization_unit (eg, company):
Host Name (eg, FQDN):
enter email address (eg, email@example.com):
After hitting enter, the private key and certificate was generated.
net start crmdmgtd
IMPORTANT: It took a good 15 minutes for the services to restart (as Vlad indicates). You can check their status by typing
c:\Program Files (x86)\CSCOpx\bin>pdshow -brief
The TAC engineer said this was how they used to change the https/http login method on previous versions, but now there was a radio button on the Settings page in LMS. Selecting that button is supposed to do what these command lines just did, but they are not. BUG.