HTTPS 证书更改后 PowerFlex 网关不可用

Summary: 问题描述: 将 PowerFlex 网关用于浏览器访问的 SSL 证书从自签名证书更改为自定义证书后,无法再访问网页。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

症状

 - 使用网关的 IP 或 DNS 名称表示无法访问该站点。

 - 服务运行成功。

# systemctl status scaleio-gateway
● scaleio-gateway.service - EMC ScaleIO Gateway service
   Loaded: loaded (/etc/systemd/system/scaleio-gateway.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2023-11-06 13:21:11 EST; 3min 44s ago
  Process: 23621 ExecStart=/opt/emc/scaleio/gateway/bin/startup.sh > /dev/null 2> /dev/null (code=exited, status=0/SUCCESS)
 Main PID: 23635 (java)
   CGroup: /system.slice/scaleio-gateway.service
           └─23635 /usr/bin/java -Djava.util.logging.config.file=/opt/emc/scaleio/gateway/conf/logging.properties -Djava.util.logging.manager=org.apache.jul...

Nov 06 13:21:11 rhel-79 systemd[1]: Starting EMC ScaleIO Gateway service...
Nov 06 13:21:11 rhel-79 startup.sh[23621]: Tomcat started.
Nov 06 13:21:11 rhel-79 systemd[1]: Started EMC ScaleIO Gateway service.


 - catalina 日志文件显示无法打开密钥库:

06-Nov-2023 11:59:04.189 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-443]]
        org.apache.catalina.LifecycleException: Protocol handler initialization failed
                at org.apache.catalina.connector.Connector.initInternal(Connector.java:1075)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        Caused by: java.lang.IllegalArgumentException: Keystore was tampered with, or password was incorrect
 

影响

网关 UI 不可用。 

Cause

根本原因

在这种情况下,/opt/emc/scaleio/gateway/conf/catalina.properties 文件有两个值,在将自定义证书添加到网关时会进行编辑:
keystore.file = <keystore location>
keystore.password = <password>

密钥库的密码在行末尾有一个额外的空格。 

Resolution

解决方法

删除密码行末尾的多余空格,然后重新启动网关服务。

service scaleio-gateway restart

 

使用以下命令验证是否可以按预期打开密钥库:

keytool -list -keystore <keystore location> -storepass <password>
如果它打开,则表示密码正确。

受影响的版本

PowerFlex 3.x

已修复问题的版本

不适用 — 不是 PowerFlex 问题

Products

PowerFlex rack, VxFlex Ready Nodes, PowerFlex custom node, PowerFlex appliance R650, PowerFlex appliance R6525, PowerFlex appliance R660, PowerFlex appliance R6625, Powerflex appliance R750, PowerFlex appliance R760, PowerFlex appliance R7625 , PowerFlex custom node, PowerFlex custom node R650, PowerFlex custom node R6525, PowerFlex custom node R660, PowerFlex custom node R6625, PowerFlex custom node R750, PowerFlex custom node R760, PowerFlex custom node R7625, PowerFlex custom node R860, PowerFlex appliance R640, PowerFlex appliance R740XD, PowerFlex appliance R7525, PowerFlex appliance R840 ...
Article Properties
Article Number: 000263856
Article Type: Solution
Last Modified: 24 Dec 2024
Version:  1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.