Troubleshooting
Problem
Some users might encounter certificate warnings or errors when they access the web management interface or the XML management interface, or both, after upgrading DataPower firmware to 7.2.
Symptom
This issue occurs only if you configured a custom SSL proxy profile for the web management interface or the XML management interface, or both, before upgrading to 7.2. If you did not have any custom profiles configured, but see certificate warnings and errors, see technote New certificate used by the IBM DataPower Gateways Web Management Service gives untrusted certificate warnings.
After the upgrade to firmware version 7.2, users that had the web or XML management interfaces configured with a custom proxy profile and certificate find that accessing either of these interfaces does not present the configured certificate. Instead, the interfaces present the default device certificate.
Inspecting the configuration of these interfaces reveals that the previously configured custom proxy profile is no longer set. Instead, a new custom SSL server type property is set with a value of server profile.
The CLI shows the ssl-config-type server command.
xi52(config)# show web-mgmt
web-mgmt [up]
--------
admin-state enabled
ip-address 0.0.0.0
port 9090
save-config-overwrite on
idle-timeout 600 Seconds
acl web-mgmt [up]
ssl-config-type server
xi52(config)# show xml-mgmt
xml-mgmt [up]
--------
admin-state enabled
ip-address 0.0.0.0
port 5550
acl xml-mgmt [up]
slm-peering 10 Seconds
mode any+soma+v2004+amp+slm+wsrr-subscription
ssl-config-type server
Log InLog in to view more of this document
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21960992