TSPM CTGVG0263E ERROR IN TIP

Technote (FAQ)


Question

When accessing the TSPM menu in the TIP console, it reports following error "CTGVG0263E The Tivoli Security Policy Manager cannot be reached". What is wrong?

Cause

Checking the SystemOut.log on the TIP profile, following messages are seen:
com.ibm.jsse2.util.h: No trusted certificate found javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found
    at com.ibm.jsse2.n.a(n.java:28)
    at com.ibm.jsse2.jc.a(jc.java:235)
    at com.ibm.jsse2.db.a(db.java:268)

This is an indication that the Singer Certificate of the WebSphere Server that servers the IBM Tivoli Security Policy Manager application cannot be trusted by the TIP Server.


Answer

A quick way to check in TIP is by looking at the expiration date of the 'tspm_server' certificate:


TIP > Security > SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates > tspm_server

In case the Signer Certificate has expired, you can overcome this situation by importing the TSPM Server (WebSphere) Signer Certificate again.

TIP > Security > SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates

Select 'tspm_server' and press 'Delete'

Next click 'Retrieve from port'

Fill out the required Host and Port (typically 9443) of the WAS Server hosting TSPM, and give the alias the name 'tspm_server'. Next click 'Retrieve singer information'.

Make sure to save the changes.

After taking these steps, verify if the connection from TIP to TSPM is restored.

Product Alias/Synonym

TSPM PolicyManager

Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Security Policy Manager

Software version:

7.1

Operating system(s):

AIX, Linux xSeries, Solaris, Windows

Reference #:

1579047

Modified date:

2013-12-27

Translate my page

Machine Translation

Content navigation