cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP HANA SUM UI certificate issue

Go to solution
Former Member

on ‎06-26-2013 4:44 AM

0 Kudos

I am trying to apply patches on SAP HANA SP05 Rev 52. When i launch the Lifecycle management the certificate does not work and i get the below error

Error:
        Could not check credentials provided for user <SID>adm on host hostname.   

Error Details:

Could not check credentials provided for user hd1adm on host hananode01.
HTTP transport error: java.io.IOException: HTTPS hostname wrong:  should be
HTTPS hostname wrong:  should be

I have also tried following the SAP HANA Automated Update Guide by implementing the steps in 4.3 for applying a self certificate but have been unssuccessful

On HANA Appliance

keytool -genkeypair -keystore keystore.jks -alias sumforhana_<hostname> -keyalg RSA -dname "CN = <hostname>" -validity 9999

keytool -exportcert -keystore keystore.jks -alias sumforhana_<hostname> -file sumforhana.cer

On Hana Studio Desktop

keytool -importcert -keystore "C:\Program Files\Java\jre6\lib\security\cacerts" -alias sumforhana_<hostname> -file sumforhana.cer

I have restated the HANA DB after performing the above changes using HDB stop and start.

Kindly do let me know if I have missed something.

Thanks

Shaik Arshad

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

rindia
Active Contributor
‎06-26-2013 6:58 AM
0 Kudos

Hi Shaik,

The problem might be due to

1. incorrect configuration of https or

2. host name resolution is not properly set up.

Please refer to SAP note 1840870 for fixing this issue.

Regards

Raj

Show replies
Show replies
Former Member
‎06-26-2013 10:53 AM
0 Kudos

Hi Raj,

Thanks for your reply.

I have followed the steps mentioned in the guide and the certificates have been generated and added to the respective keystore. The name resolution is working fine.

I am currently trying to see if anything is mentioned in the snotes . I update as soon as i have an outcome.

Former Member
‎06-26-2013 2:05 PM
0 Kudos

Hi Shaik,

Try going through this thread. Take a look at at Sourabh Chordiya's response in the thread of recreating the certificate.

If that doesn't work you can try re-installing SUM using note 1793303. If you have AFL installed please make sure you re-install the same AFL version using hanaconfig.sh from the Unified installer to update the lm_structure. If you install it using hdbinst, the lm_structure will not get updated and SUM will have issues generating a stack.

Cheers,

Sharan

Former Member
‎07-15-2013 7:34 AM
0 Kudos

Hi Sharan ,

I have gone ahead with the re-installation of the SUM and am stuck at an issue with below issue when i start the Lifecycle Management

"Connection host and SID cannot be established.

Possible reason : Network error occured or Software Update manager is not running."

Currently trying to resolve the issue related to the above message but can seem to find much about it

thanks

regards

Shaik Arshad

former_member187175
Participant
‎07-15-2013 2:18 PM
0 Kudos

Hi Shaik,

I think we'll need some more info on your setup. First of all did you start sum.sh or did you create catalina.properties? Also when following note 1793303 did you use fqdn?

A few things to try, restart the hostagent, do a r-click refresh in the LCM screen after the connection error (assuming the LCM perspective does not automatically close)

Regards,

Serge

Former Member
‎07-16-2013 6:01 AM
0 Kudos

Hi Serge,

I have followed the note 1793303 with the fqdn. I restarted the HANA DB too. The host Agent was restarted when the Install.sh was run.

I am using the HANA Studio Lifecycle Management to start the SUM and end up with the issue just mentioned. Right now i am facing with the scenario where if asks me for the SIDadm and SAPadm pwds leading to the pop up error message.

Do let me know if need to head in a particular direction to do the needful to resolve the issue.

Thanks and regards

Shaik arshad

former_member187175
Participant
‎07-16-2013 1:33 PM
0 Kudos

Hi Shaik,

is there maybe an error in catalina.properties? You have to either start sum.sh manually OR you have to create catalina.properties before starting the LCM perspective. Without either of these you will see the error you mentioned.

So when you start LCM perspective, see if sum.sh is running with 'ps -ef|grep sum.sh'? I have seen it many times that someone starts LCM perspective and expects it to work while they have not first started sum.sh manually or created catalina.properties with the correct password.

If you did set catalina.properties, then start sum.sh manually and start LCM perspective. If this works there is an error in catalina.properties.

Regards,

Serge

Former Member
‎07-17-2013 11:17 AM
0 Kudos

Hi Serge,

i was able to start the SUM and and LCM but got stuck at the earlier error

Error:
        Could not check credentials provided for user <SID>adm on host hostname.   

Error Details:

Could not check credentials provided for user hd1adm on host hananode01.
HTTP transport error: java.io.IOException: HTTPS hostname wrong:  should be
HTTPS hostname wrong:  should be

Reinstallation of SUM did not help

Looking for a solution to resolve the issue and get SP06 deployed.

Thanks

regards

Shaik Arshad

former_member187175
Participant
‎07-17-2013 12:58 PM
0 Kudos

Hi Shaik,

This means you got past one error and are back to the original error. You mentioned you followed note 1793303, did you use FQDN? I ran into this error recently and here was my fix/workaround. Find landscapeVariable.properties in the lm_structure directory. Make a backup of the file. Now edit the file and change the entry for centralserver. In my case I had to change it to non-fqdn, however since the cause of this error is a hostname/fqdn mismatch with saphostagent you simply have to flip it (i.e. if it is fqdn change it to non-fqdn, if it is non-fqdn change it to fqdn).

Now restart LCM perspective and it should get you past the error.

Regards,

Serge

Former Member
‎07-17-2013 1:56 PM
0 Kudos

Hi Shaik,

There are 3 notes that seem to be identical to your issue -->

1840870

1885528

1826767

Now based on what you have written above note 1840870 seems to be relevant to you. I also request you to post your lmtp.log as that will give us an insight as to what is happening behind the scenes with SUM. I also recommend you check the files mentioned in note 1885528.

2 highly critical/essential components for getting SUM to work are the SAP Host Agent and configuring the sapstartsrv process. Try updating your Host Agent to the latest support pack. Can you check if sapstartsrv process is properly configured for https as per note 1826767.

Can you also please confirm what SUM support pack and patch level you are using, as well as the lm_structure version?

I would also recommend you open a support ticket in the component BC-HAN-UPD, as you would probably get some assistance from OSS as well.

Again please post your lmtp.log which should be located in /us/sap/<SID>/SUM/log

Cheers,

Sharan

Former Member
‎07-19-2013 7:59 AM
0 Kudos

Hi Sharan ,

Thanks for your input.

I have verified the information in the notes mentioned in your post.

I have ensured that the name of the host in all the three location is same

  • /usr/sap/<SID>/SUM/config/keystore.jks
  • /usr/sap/hostctrl/exe/sec/SAPSSLS.pse
  • /usr/sap/<SID>/lm_structure/landscapeVariables.properties

I have also verified that the host agent is running on ports 1128 and1129.

Please find below the lmtp.log

Do let me know if i need to check any other location in the mean time i will try to raise the OSS.

**********************start******************************************

INFO 2013-07-19 06:35:25 com.sap.lm.logging

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.hana.updatewebservice.webui

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.hana.webui

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.lmtp.selfupdate

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.logging.sdt

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.fileoperation

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.fileoperation.unx

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:25 com.sap.lm.services.fileoperation.unx

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.fileoperation.win

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.filepath

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.hana.repository

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.hostcontrol

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.services.mopzclient

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.system.model

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.util

BundleEvent STARTED

INFO 2013-07-19 06:35:25 com.sap.lm.util.system

BundleEvent STARTED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.detect

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.sedm

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.lmtp.selfupdate

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.filepath

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.hana.repository

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.detect

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.hanadu

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.hana.repository

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.hostcontrol

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.hostagent

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.loadcontroller

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.newdb

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.newdb

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.newdb

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.newdb

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.providers.newdb

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.hostcontrol

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.update

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.update

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.mopzclient

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.smp

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.services.smp

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:26 com.sap.lm.hana.detect

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:28 com.sap.lm.hana.updatewebservice.webui

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:28 com.sap.lm.hana.updatewebservice.webui

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.webui

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.webui

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.updatecontroller

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.util.status.StatusTracker

Status tracker initialized using storage file /usr/sap/HD1/SUM/param/UpdateContext.properties

INFO 2013-07-19 06:35:29 com.sap.lm.hana.updatecontroller.impl.UpdateContext

Changing locale to en...

WARN 2013-07-19 06:35:29 com.sap.lm.hana.lmproviders.LMProvidersRegistry

No messages.properties file found in package com.sap.lm.hana.lmproviders. The messages will not be localized.

WARN 2013-07-19 06:35:29 com.sap.lm.hana.lmproviders.LMProvidersRegistry

No messages.properties file found in package com.sap.lm.hana.lmproviders. The messages will not be localized.

INFO 2013-07-19 06:35:29 com.sap.lm.services.smp

BundleEvent STARTED

INFO 2013-07-19 06:35:29 com.sap.lm.services.smp

BundleEvent STARTED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.cli

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.cli

ServiceEvent REGISTERED

INFO 2013-07-19 06:35:29 com.sap.lm.hana.updatecontroller

ServiceEvent REGISTERED

******************************end**********************************

Thanks

Best regards

Shaik Arshad

Former Member
‎07-19-2013 8:17 AM
0 Kudos

Hi Serge,

Some how I am bouncing between my two earlier errors.

I am back to facing the issue encountered earlier

"Connection host and SID cannot be established.

Possible reason : Network error occurred or Software Update manager is not running."

I did all the changes as mentioned by you in landscapeVariable.properties.

tried flipping the values but to no avail.

One more thing serge. I start the SUM manually by going to /usr/sap/<SID>/SUM and running ./sum.sh using <SID>adm which brings me to the osgi prompt.

just wanted to be sure that i am doing the right thing.

been eating drinking HANA for the past few days and thats kind of gettin to me

thanks you inputs but do let me know if i need to do anything else.

Best Regards

Shaik Arshad

former_member187175
Participant
‎07-19-2013 4:36 PM
0 Kudos

Hi Shaik,

take a look at my blog published today:

http://scn.sap.com/community/hana-in-memory/blog/2013/07/19/sap-hana-lifecycle-manager-how-to-get-it

I recommend following scenario B and bypassing SUM altogether to get HLM and SP6. I would have suggested this earlier, but only finished testing today.

Regards,

Serge

Former Member
‎07-22-2013 10:40 AM
0 Kudos

Hi Serge,

I got all the files downloaded and upgraded SAPHOSTAGENT.

but when i try to upgrade LM then i get the below message

"

Installation failed

    Cannot initialize custom event handler: Can't load '/tmp/MASTER/SP06/HANALM_SP06_Patch01/instruntime/SSH2.so' for module Net::SSH2: libssh2.so.1: cannot open shared object file: No such file or directory at DynaLoader.pm line 190.

at sdbrun/Require.pl line 62

BEGIN failed--compilation aborted at HLM/Installer/OS/SSH2Connection.pm line 9.

BEGIN failed--compilation aborted at HLM/Installer/OS/SSH2RemoteExecutor.pm line 9.

BEGIN failed--compilation aborted at HLM/Installer/BaseExecutionPlanManager.pm line 32.

        ...propagated at base.pm line 94.

BEGIN failed--compilation aborted at HLM/Installer/ExecutionPlanManager.pm line 35.

BEGIN failed--compilation aborted at HLM/Installer/InstallationEventHandler.pm line 16."

Thanks

regards

Shaik Arshad

Answers (3)

Answers (3)

Former Member
‎07-29-2013 12:23 PM
0 Kudos

Thanks everyone for your invaluable input.

I was able to resolve the scenario by re-installing SUM and HOST agent and then upgrading HLM.

I also went through all the logs trying to trace the mismatch of hostnames and have resolved wherever they were encountered.

this helped me in getting the system up and running without going through the easy way of uninstalling and and then re-installing the SAP HANA application

I successfully upgraded SAP HANA from SP05 Rev 52 to SP06 Rev 61

Thanks again.

Regards

Shaik Arshad

Show replies
Show replies
AtulKumarJain
Active Contributor
‎06-26-2013 2:24 PM
0 Kudos

Hi Shaik,

Could you please delete HANA system from your studio and add it again with FQDN

It will work .

Best Regards,

Atul

Show replies
Show replies
Former Member
‎07-15-2013 7:35 AM
0 Kudos

Hi Atul,

I have tried that but to no avail.

Thanks

Regards

Shaik Arshad

deepak_chodha
Explorer
‎07-16-2013 2:44 PM
0 Kudos

Hi Shaik,

I from HANA Quality team, SLI. we have seen such issues earlier, so can try resolving your issue. Just need a little info:

1. You installed HANA DB using Unified Installer or you did separate configuration of SUM with HANA?

2. If you used the DVD during installation, did you gave FQN for "hdbHost" parameter in setuphana.slmodel file? this is important

3. What was the DVD version?

3. On HANA server you ran:

keytool -genkeypair -keystore keystore.jks -alias sumforhana_<hostname> -keyalg RSA -dname "CN = <hostname>" -validity 9999

keytool -exportcert -keystore keystore.jks -alias sumforhana_<hostname> -file sumforhana.cer

Did you got the sumforhana.cer file generated?

4. On Studio machine you ran:

keytool -importcert -keystore "C:\Program Files\Java\jre6\lib\security\cacerts" -alias sumforhana_<hostname> -file sumforhana.cer

did you check your HANA Studio is using java available in C:\Program Files\Java\jre6?

did certificate got added successfully?

5. I can see up you added the FQN in studio. Correct me if I am wrong.

I sense the problem is client contacting HANA server using host agent. We need to streamline the error possibility.

HAPPY HANA 

Deepak Chodha.

Former Member
‎07-17-2013 11:15 AM
0 Kudos

Hi Deepak,

1 ) You installed HANA DB using Unified Installer or you did separate configuration of SUM with HANA? the HANA installation was done the vendor onsite as we hrecieved the box with any software installed on it. delivery team of the Vendor had carried out the OS and HANA installation in our organization after we received the Box  and they restored the software so i dont think Unified installer was used.

Correction to the file system of installation were done by SAP when we were working with the HANA team for a prototype on NW 7.4 inorder to setup a Multi SID enviroment.

2) While performing the installation the FQDN was not specified and the vendor had specified the default node name hananode01in the FQDN.

3) I do not have the details of the DVD version and have not found it in the appliance

4) I was able to generate the sumforhana.cer.

5) HanaStudio is using the JRE as mentioned by you.

6) Yes i have addedd the FQDN in the HANASTUDIO

when start the LM on HanaStudio i get the message

Error:
        Could not check credentials provided for user <SID>adm on host hostname.   

Error Details:

Could not check credentials provided for user hd1adm on host hananode01.
HTTP transport error: java.io.IOException: HTTPS hostname wrong:  should be
HTTPS hostname wrong:  should be

Do let me know what can be done inorder to resolve this issue as it is turning out to be a major showstopper

Thanks

Best regards

Shaik Arshad

deepak_chodha
Explorer
‎07-17-2013 2:49 PM
0 Kudos

Hi Shaik,

Thanks for the detailed info.

As I doubted the problem is here *While performing the installation the FQDN was not specified and the vendor had specified the default node name hananode01 in the FQDN.

We always need to provide a FQDN at time of installation else SUM has always issues. It is a known limitation.

  1. Now what you can do is, check your /etc/hosts file, what is the hostnames mentioned in that. Add both FQN and SQN.
  2. Stop sum.sh.
  3. Now goto /<hanainstallation folder-SID>/lm_structure.
  4. Check the file landscapeVariables.properties.
  5. What is the parameter mentioned for 'centralserver'.
    1. If the parameter is set to SQN, then make it FQN->restart the host agent->Start sum.sh-> add HANA db with FQN to Studio->then check again.
    2. If the parameter is set to FQN, then make it SQN->restart the host agent->Start sum.sh-> add HANA db with SQN to Studio->then check again.

Mostly this thing shall work since connection to the HANA server is referred to this file.

Hope this works.

HAPPY HANA

Deepak Chodha.

Former Member
‎07-19-2013 8:21 AM
0 Kudos

Hi Deepak,

I tried the steps mentioned by you but was not able to get any success.

I am stuck at the below message

"Connection host and SID cannot be established.

Possible reason : Network error occured or Software Update manager is not running."

just hoping to crack this issue to get SP06  installed as need to get it ready for a client demo .

Any input that can get me help would be invaluable.

Thanks

Best regards

Shaik Arshad

Former Member
‎07-24-2013 11:50 AM
0 Kudos

Hi ,

I am considering the option of uninstalling the HANA DB and then performing a clean installation.

Once the clean installation is completed i will be restoring the backup of the earlier DB.

Just wanted to know what all i will need to perform with regards to the whole system restore as this is a live system with client POCs running on it.

As non of the above solution are helping in the resolution I would like to go ahead with the clean setup and then restore the DB .

It would be really helpful if you could provide any guidelines for the procedure that would be required inorder to complete a complete restore after uninstall of the HANA and all its components as we need HANA DB to up and running with the latest SP06 patch be next week for the client.

Thanks

Shaik Arshad

shashisingh
Participant
‎07-25-2013 9:17 AM
0 Kudos

HI Shaik,

Check whether HANA Db is listening to 3<nr>15 port and it is not blocked by firewall.

Thanks,

Shashi

nicholas_chang
Active Contributor
‎06-26-2013 6:51 AM
0 Kudos

Hi,

Just ensure you entered the correct password for SIDadm when prompts?

Show replies
Show replies
Former Member
‎06-26-2013 10:26 AM
0 Kudos

Hi Nicholas,

Thanks for the response. The SIDADM password is not issue, i have verified it. I am trying to issue a self-signed server certificate. Right now my issue is that the studio keeps getting my old SSL certificate instead of the newly issued certificate.

Regards

Arshad

Ask a Question