Question & Answer
Question
How do you enable Java SSL debugging in nonnative probes?
Answer
Method#1.
The probes environment file can be used for most Netcool/OMNIbus 8.1 nonnative probes.
cd $NCHOME/omnibus/probes/java
ls nco_p_<probe>.env
vinco_p_<probe>.env
# Debugging
# Create a unique log file name
PROBENAME=`echo $PROGRAM | awk -Fnco_p_ '{print $2}'`
UNIQUENAME=${PROBENAME}.$$
export UNIQUENAME
# Create a unique log file name
PROBENAME=`echo $PROGRAM | awk -Fnco_p_ '{print $2}'`
UNIQUENAME=${PROBENAME}.$$
export UNIQUENAME
###
# Debug
# echo "UNIQUENAME=${UNIQUENAME}"
###
# Set debugging variables for SSL
# Handshake only
# NCO_JPROBE_JAVA_FLAGS="-Djavax.net.debug=ssl:handshake:verbose $NCO_JPROBE_JAVA_FLAGS"
# FOR ALL
NCO_JPROBE_JAVA_FLAGS="-Djavax.net.debug=all:handshake:verbose $NCO_JPROBE_JAVA_FLAGS"
# Nonnative logging
NDE_DEFAULT_LOG_LEVEL="debug"
NDE_FORCE_LOG_MODULE="$NCHOME/omnibus/log/${UNIQUENAME}_forced.log"
NCO_P_NONNATIVE_TRANSCRIPT="$NCHOME/omnibus/log/${UNIQUENAME}_nonnative.log"
export NDE_DEFAULT_LOG_LEVEL NDE_FORCE_LOG_MODULE NCO_P_NONNATIVE_TRANSCRIPT
# NCO_JPROBE_JAVA_FLAGS="-Djavax.net.debug=ssl:handshake:verbose $NCO_JPROBE_JAVA_FLAGS"
# FOR ALL
NCO_JPROBE_JAVA_FLAGS="-Djavax.net.debug=all:handshake:verbose $NCO_JPROBE_JAVA_FLAGS"
# Nonnative logging
NDE_DEFAULT_LOG_LEVEL="debug"
NDE_FORCE_LOG_MODULE="$NCHOME/omnibus/log/${UNIQUENAME}_forced.log"
NCO_P_NONNATIVE_TRANSCRIPT="$NCHOME/omnibus/log/${UNIQUENAME}_nonnative.log"
export NDE_DEFAULT_LOG_LEVEL NDE_FORCE_LOG_MODULE NCO_P_NONNATIVE_TRANSCRIPT
# Debug messages
echo "NCO_JPROBE_JAVA_FLAGS=$NCO_JPROBE_JAVA_FLAGS"
#EOF
echo "NCO_JPROBE_JAVA_FLAGS=$NCO_JPROBE_JAVA_FLAGS"
#EOF
Method#2.
Probes that use the nco_jprobe script can have Java debug log enabled, such as SSL handshake, to aid troubleshooting SSL certificate issues.
To check the probe uses the nco_jprobe script;
cd $NCHOME/omnibus/probe
ls -l nco_p_<probe>
The probe is linked to the nco_jprobe script.
To enable additional Java logging.
Move the nco_p_<probe> file.
cd $OMNIHOME/probes
mv nco_p_<probe> nco_p_<probe>.orig
Copy the nco_jprobe to nco_p_<probe>.
cp $OMNIHOME/probes/nco_jprobe $OMNIHOME/probes/nco_p_<probe>
Edit the <probe> script and add the debug options
vi $OMNIHOME/probes/nco_p_<probe>
# Execute probe
exec $OMNIHOME/probes/$ARCH/nco_p_nonnative $JAVA
-Djavax.net.debug=ssl:handshake:verbose $NCO_JPROBE_JAVA_FLAGS -cp
$CLASSPATH $NCO_JPROBE_JAVA_XFLAGS -DOMNIHOME="$OMNIHOME" $PROGRAM "$@"
:wq
The important addition being : -Djavax.net.debug=ssl:handshake:verbose
To allow full handshake debugging use : -Djavax.net.debug=all:handshake:verbose
Set the probe users environment to log to a file.
NCO_P_NONNATIVE_TRANSCRIPT=$OMNIHOME/log/nco_p_nonnative_debug.log
export NCO_P_NONNATIVE_TRANSCRIPT
Run the modified probe from the command line;
$OMNIHOME/probes/nco_p_<probe>
To revert move the original file back to the probe name;
mv nco_p_<probe>.orig nco_p_<probe>
Note: Revert to the normal Java settings after debugging. The debug settings are not meant to be used on a production environment, other than for debugging SSL connectivity.
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSSHTQ","label":"Tivoli Netcool\/OMNIbus"},"ARM Category":[{"code":"a8m500000008ZurAAE","label":"Probes-\u003ECommon features and tasks"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"8.1.0"}]
Was this topic helpful?
Document Information
Modified date:
19 July 2023
UID
swg21572468