Operations Bridge Manager (OBM) 2020.05 topology integration with OML

  • KM03686907
  • 27-Jul-2020
  • 27-Jul-2020

Summary

Error received when running startInitialSync.sh

Error

When running the command /opt/OV/bin/OpC/startInitialSync.sh in OML to synchronize the topology with OBM, it shows an error message:

Server : 'https://<OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr' is not available.

Please make sure that the certificates are in place and bbcutil -ping 

Verified that no firewall was in the way and that network communication worked fine. Running bbcutil -ping against <OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr also works:

bbcutil -ping https://<OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr

https://<OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr:

          status=eServiceOK coreID=87e76efc-d3ee-75b6-0f9a-97753096f094

          bbcV=12.12.010  appN=com.hp.ov.ow.SvcDscSvr appV=unknown version

          conn=0 time=97 ms

 

Cause

In OBM 2020.05, TLSv1.1 and TLSv1.0 are disabled:

<OBM_HOME>\JRE\lib\security\java.security

jdk.tls.disabledAlgorithms=MD5, SSLv2Hello, TLSv1, TLSv1.1, RSA keySize < 1024, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 256, 3DES_EDE_CBC, anon, NULL


In Operations Agent 12.12, the default TLS version is 1.2:

ovconfget sec.core.ssl

[sec.core.ssl]

COMM_PROTOCOL=TLSv1.2

 

TLS 1.0 and 1.1 are disabled in OBM, while connections from OML can be made using any of the TLS versions. OML should be restricted to use only TLSv1.2 so that OBM can accept the communication.
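The mismatch described above can be checked offline by comparing the two settings. The following script is an added example, not vendor code: the function names are hypothetical, and the sample inputs (including the TLSv1.1 case) are constructed from the values shown in this article, with the disabled list shortened.

```bash
#!/usr/bin/env bash
# Added example (not vendor code). Sample inputs are constructed from the
# values shown in this article; the disabled-algorithm list is shortened.
JAVA_SECURITY_SAMPLE='# constructed excerpt of java.security
jdk.tls.disabledAlgorithms=MD5, SSLv2Hello, TLSv1, TLSv1.1, RSA keySize < 1024, \
    SSLv3, RC4, DES, anon, NULL'
OVCONF_RESTRICTED='[sec.core.ssl]
COMM_PROTOCOL=TLSv1.2'
OVCONF_UNSET='[sec.core.ssl]'
OVCONF_OLD='[sec.core.ssl]
COMM_PROTOCOL=TLSv1.1'

# Print the protocol versions (SSLv*/TLSv*) listed in jdk.tls.disabledAlgorithms.
# Backslash-continued property lines are joined before parsing.
disabled_protocols() {
  printf '%s\n' "$1" \
    | awk '{ if (sub(/\\$/, "")) { buf = buf $0; next }
             print buf $0; buf = "" }
           END { if (buf != "") print buf }' \
    | sed -n 's/^[[:space:]]*jdk\.tls\.disabledAlgorithms[[:space:]]*=//p' \
    | tr ',' '\n' \
    | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
    | grep -E '^(SSLv|TLSv)[0-9A-Za-z.]+$'
}

# Print the COMM_PROTOCOL value from "ovconfget sec.core.ssl" output, if any.
comm_protocol() {
  printf '%s\n' "$1" \
    | sed -n 's/^[[:space:]]*COMM_PROTOCOL[[:space:]]*=[[:space:]]*//p' \
    | head -n 1
}

# Compare both sides: $1 = java.security text, $2 = ovconfget output.
check_compat() {
  _proto=$(comm_protocol "$2")
  if [ -z "$_proto" ]; then
    echo "UNRESTRICTED"        # client is not pinned to one TLS version
  elif disabled_protocols "$1" | grep -Fxq -- "$_proto"; then
    echo "REJECTED:$_proto"    # pinned to a version the server has disabled
  else
    echo "OK:$_proto"
  fi
}

check_compat "$JAVA_SECURITY_SAMPLE" "$OVCONF_UNSET"        # UNRESTRICTED
check_compat "$JAVA_SECURITY_SAMPLE" "$OVCONF_OLD"          # REJECTED:TLSv1.1
check_compat "$JAVA_SECURITY_SAMPLE" "$OVCONF_RESTRICTED"   # OK:TLSv1.2
```

On a live system, pass the contents of the OBM java.security file and the output of ovconfget sec.core.ssl from the OML server instead of the sample strings.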

Fix

Configure OML to communicate using the TLSv1.2 protocol:

  • Set the variable on the OML server:

ovconfchg -ns sec.core.ssl -set COMM_PROTOCOL TLSv1.2

  • Restart the OM and all Agent processes
  • Run /opt/OV/bin/OpC/startInitialSync.sh again in OML to synchronize the topology:

bash-4.1# /opt/OV/bin/OpC/startInitialSync.sh

Using data file   : /tmp/tmp.yByiQ1nTnt/std_final.xml

Connecting to URI : https://<OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr

Data was transferred successfully to the target server.

Waiting a maximum of 60s for the discovery server to get ready for large data.

Discovery Server does not support large data URI, falling back.

Using data file   : /tmp/tmp.yByiQ1nTnt/model_final.xml

Connecting to URI : https://<OBM_Server>:383/com.hp.ov.ow.SvcDscSvr/SvcDscSvr

Data was transferred successfully to the target server.

 

There is a known problem with the Java GUI after enabling TLSv1.2; a hotfix needs to be installed.

This is described in the articles below. The hotfix should be requested from support.

https://support.microfocus.com/kb/kmdoc.php?id=KM03660746

https://support.microfocus.com/kb/kmdoc.php?id=KM03062245