Skip to main content
Start a Conversation

Unsolved

C

cgerard

1 Rookie

 • 

2 Posts

157

September 7th, 2023 14:19

Can't get Warranty Info via OME 3.10.2

Hello,
Currently, there is no way for my OME 3.10.2 (Build 13) to access warranty information services
I've tried the "Refresh Warranty" button, but nothing gets displayed

I have also tried via Monitor > Troubleshoot > Test Appliance Connection and I get the error



I have enable debug log on TUI and exported log console, and it seems I have two kind of errors  :

1)

[INFO ] 2023-09-06 09:47:00.711 [Warranty-Task-Pool-1] SecureKeyImpl - [Encryption Key]: Get Encryption Key[ERROR] 2023-09-06 09:47:01.242 [Warranty-Task-Pool-1] OAuthUtils - Exception caught in createAccessToken()javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:1.8.0_352]at sun.security.ssl.TransportContext.fatal(TransportContext.java:324) ~[?:1.8.0_352]at sun.security.ssl.TransportContext.fatal(TransportContext.java:267) ~[?:1.8.0_352]at sun.security.ssl.TransportContext.fatal(TransportContext.java:262) ~[?:1.8.0_352]at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654) ~[?:1.8.0_352]at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:1.8.0_352]at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:1.8.0_352]at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377) ~[?:1.8.0_352]at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:1.8.0_352]at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422) ~[?:1.8.0_352]at sun.security.ssl.TransportContext.dispatch(TransportContext.java:182) ~[?:1.8.0_352]at sun.security.ssl.SSLTransport.decode(SSLTransport.java:152) ~[?:1.8.0_352]at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1397) ~[?:1.8.0_352]at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1305) ~[?:1.8.0_352]at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440) ~[?:1.8.0_352]at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_352]at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:197) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1342) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1317) ~[?:1.8.0_352]at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:264) ~[?:1.8.0_352]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.oauth.OAuthUtils.createAccessToken(OAuthUtils.java:83) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.oauth.OAuthUtils.requestAccessToken(OAuthUtils.java:44) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.WarrantyTask.testAPIConnection(WarrantyTask.java:272) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.WarrantyTask.run(WarrantyTask.java:224) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.common.integration.lib.taskpool.CorePlatformTaskPool$WorkerThread.run(CorePlatformTaskPool.java:1030) ~[taskpool-0.0.1-SNAPSHOT.jar:?]Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:456) ~[?:1.8.0_352]at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:323) ~[?:1.8.0_352]at sun.security.validator.Validator.validate(Validator.java:271) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:315) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:223) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:1.8.0_352]at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:1.8.0_352]... 20 moreCaused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:1.8.0_352]at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:1.8.0_352]at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:1.8.0_352]at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:451) ~[?:1.8.0_352]at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:323) ~[?:1.8.0_352]at sun.security.validator.Validator.validate(Validator.java:271) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:315) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:223) ~[?:1.8.0_352]at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:1.8.0_352]at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:1.8.0_352]... 20 more[ERROR] 2023-09-06 09:47:01.242 [Warranty-Task-Pool-1] ConsoleUpdateExecutionTask -  failed to get auth token.

2) 

[DEBUG] 2023-09-06 09:34:54.807 [Warranty-Task-Pool-1] WarrantySubTask - warranty inputStream retry no :1[ERROR] 2023-09-06 09:34:54.807 [Warranty-Task-Pool-1] OAuthUtils - Exception caught in createAccessToken()java.net.UnknownHostException: apigtwb2c.us.dell.comat java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184) ~[?:1.8.0_352]at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:1.8.0_352]at java.net.Socket.connect(Socket.java:607) ~[?:1.8.0_352]at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:293) ~[?:1.8.0_352]at sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173) ~[?:1.8.0_352]at sun.net.NetworkClient.doConnect(NetworkClient.java:180) ~[?:1.8.0_352]at sun.net.www.http.HttpClient.openServer(HttpClient.java:463) ~[?:1.8.0_352]at sun.net.www.http.HttpClient.openServer(HttpClient.java:558) ~[?:1.8.0_352]at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264) ~[?:1.8.0_352]at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367) ~[?:1.8.0_352]at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:203) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1162) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1056) ~[?:1.8.0_352]at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:189) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1342) ~[?:1.8.0_352]at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1317) ~[?:1.8.0_352]at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:264) ~[?:1.8.0_352]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.oauth.OAuthUtils.createAccessToken(OAuthUtils.java:83) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.oauth.OAuthUtils.requestAccessToken(OAuthUtils.java:44) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.WarrantySubTask.getWarrantyInputStream(WarrantySubTask.java:195) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.WarrantySubTask.getWarrantyInformation(WarrantySubTask.java:130) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.lexington.integration.lib.tasks.warrantytask.WarrantySubTask.processTarget(WarrantySubTask.java:432) ~[warrantytask-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.common.integration.lib.taskengine.CorePlatformSubTask.run(CorePlatformSubTask.java:320) ~[taskengine-0.0.1-SNAPSHOT.jar:?]at com.dell.enterprise.common.integration.lib.taskpool.CorePlatformTaskPool$WorkerThread.run(CorePlatformTaskPool.java:1030) ~[taskpool-0.0.1-SNAPSHOT.jar:?][ERROR] 2023-09-06 09:34:54.807 [Warranty-Task-Pool-1] WarrantySubTask - getting warranty inputStream error :java.net.UnknownHostException: apigtwb2c.us.dell.com[DEBUG] 2023-09-06 09:34:54.813 [Warranty-Task-Pool-1] WarrantySubTask - warranty inputStream wait time in minutes :3

This is unlikely to be a networking issue since I can generate a firmware catalog via downloads.dell.com just fine
My referenced PowerEdge server all have a "4 Hour ProSupport Plus Mission Critical" support enabled

Thanks for your help

Gatto Sama

1 Rookie

 • 

93 Posts

September 7th, 2023 15:50

The error messages you're encountering in your OME (OpenManage Essentials) logs suggest two different issues related to network connectivity and SSL certificate validation. Let's address each issue separately:

Issue 1: SSL Certificate Validation

The first error you've posted indicates an issue with SSL certificate validation when trying to access Dell's warranty information services. The error message "PKIX path building failed" suggests that the SSL certificate chain cannot be validated. This can happen for various reasons, including expired certificates, missing intermediate certificates, or misconfigured SSL settings.

Here are some steps to address this issue:

  1. Certificate Update: Ensure that the SSL certificates on your OME server are up-to-date. If there are outdated or expired certificates in your certificate chain, you may need to update them.

  2. Certificate Chain: Verify that your SSL certificate chain is complete, including all necessary intermediate certificates. Some SSL validation issues can be resolved by ensuring that the full certificate chain is available.

  3. Time and Date Settings: Ensure that the date and time settings on your OME server are correct. SSL certificate validation can fail if the system time is significantly out of sync with the certificate's validity period.

  4. Firewall and Network Configuration: Ensure that your OME server can access external resources, including the Dell warranty services, through any firewalls or proxy servers. Make sure there are no network restrictions preventing the connection.

  5. CA Certificate Bundle: Update the CA (Certificate Authority) certificate bundle on your OME server. This bundle contains trusted root certificates and is used for SSL certificate validation.

Issue 2: Unknown Host Exception

The second error message "java.net.UnknownHostException: apigtwb2c.us.dell.com" suggests a DNS resolution issue. It appears that your OME server is unable to resolve the hostname "apigtwb2c.us.dell.com" to an IP address.

Here are some steps to address this issue:

  1. DNS Configuration: Ensure that your OME server's DNS configuration is correct. Verify that it can resolve external hostnames.

  2. Network Connectivity: Double-check that your OME server has proper internet connectivity and can reach external servers, including "apigtwb2c.us.dell.com." This could be related to firewall rules or network issues.

  3. Proxy Settings: If your OME server is behind a proxy, ensure that proxy settings are correctly configured to allow access to external resources.

  4. DNS Resolution Testing: You can use command-line tools like nslookup or ping on your OME server to test DNS resolution for the Dell domain. For example:

    Copy code
    nslookup apigtwb2c.us.dell.com ping apigtwb2c.us.dell.com

If you've followed these steps and continue to experience issues, it's a good idea to reach out to Dell Support for assistance. They can provide specific guidance related to Dell warranty services and OME integration, especially if you have an active support contract.

cgerard

1 Rookie

 • 

2 Posts

September 8th, 2023 12:39

Quick update :
So I've looked at the solution Gatto Sama sent me, however everything seems properly configured. Also my issue seems to be like this one : https://www.dell.com/community/en/conversations/dell-openmanage-enterprise/no-items-show-in-warranty-page-after-discover/64d5af6ed54d2f7608b1bdc9
Apparently I need to change the MTU from 1500 to 1472
However for this I need to enable FSD to access the underlying CentOS console, for which I require a dat.ini file (which I have) and a public ssh key, where am I supposed to find such key ?

View More

View All

No Events found!

Top