Troubleshooting NIST SP800-131a environment configurations
If you are configuring IBM® Business Process Manager to support the National Institute of Standards and Technology (NIST) SP800-131a security standard, you might observe one or more of the following configuration issues.
Symptom | Potential cause | What to do |
---|---|---|
Synchronization in the administrative console fails after conversion of certificates | The existing connection is using old certificates | Run the syncNode command |
The deployment manager, node agent, or node cannot be stopped after you have made the changes to support NIST | PROFILE_DIR/properties/ssl.client.props file properties have not been updated | Update the PROFILE_DIR/properties/ssl.client.props file properties as they are not transferred during node synchronization |
Browser cannot access the Process Admin console | The TLS 1.2 protocol might not be enabled in the browser |
|
The Process Portal is empty when only Microsoft Internet Explorer is used |
|
|
PProcess Designer login fails, resulting in apeer not authenticated error message |
|
|
Process Designer login displays an empty page with the This program cannot display the webpage message | Process Designeruses Microsoft Internet Explorer to open the Process Center page, which is the default perspective. As a result, this error appears when TLS version 1.2 is not enabled in Microsoft Internet Explorer | Verify that TLS version 1.2 is supported and enabled in Microsoft Internet Explorer and reopen Process Designer. |
A configured Process Server does not show up in the Servers tab of the Process Designer | After the certificates were converted to the NIST SP 800-131a standard, Process Center and Process Server signers were not added to the Process Center and Process Server truststore | Confirm that the Process Server signer certificate is added to the Process Center truststore and that the Process Center signer certificate is added to the Process Server truststore |
When Firefox is used, Process Designer playback fails and returns the The connection was interrupted error message | Firefox does not support TLS version 1.2 | Change the default browser |
When Microsoft Internet Explorer is used, Process Designer playback fails and returns the Internet Explorer cannot display the webpage error message | TLS version 1.2 is not enabled in Microsoft Internet Explorer | Change the default browser |