000025754 - Can /KMS/provider be accessed through a browser or other HTTP clients for checking system health

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025754
Applies ToRSA Key Manager Server 2.0.2
Microsoft Windows 2003 Server SP1
IssueCan /KMS/provider be accessed through a browser or other HTTP clients for checking system health
Accessing /KMS/provider through a browser or other HTTP clients (non-RKM Client) produces the following page (regardless of the HTTP or HTTPS protocol used, and whether accessed through a web server proxy or directly on the application server):

KMS Provider
To Protect and Serve
Error "Client failed to provide certificate" shows up in RSA Key Manager server logs:

ERROR TP-Processor3 com.rsa.kms.transport.servlet.ProviderServlet - Client failed to provide certificate
com.rsa.kms.key.support.KeyProviderException: Client failed to provide certificate
at com.rsa.kms.key.provider.DefaultKeyProviderManager.e(DashoA10*..:184)
at com.rsa.kms.key.provider.DefaultKeyProviderManager.a(DashoA10*..:103)
at com.rsa.kms.key.provider.DefaultKeyProviderManager.init(DashoA10*..:82)
at com.rsa.kms.transport.servlet.ProviderServlet.performGet(DashoA10*..:66)
...
User needs to monitor that KMS is still responding, thus will use /KMS/provider in a load balancer configuration
CauseThough it is not intended for that purpose, the URL /KMS/provider can be used for system monitoring. However, keep in mind that doing so will generate a java exception 30 lines long each time the URL is accessed with a browser, or with a script.
ResolutionAs of June 2010, there is a hotfix available for RKM Server 2.5.0.x (URL for system health check is /KMS/diagnostics.jsp). Please contact RSA Customer Support and reference the RFE KMSRV-248.

/KMS/diagnostics.jsp is also available in RKM Server 2.7.1.1.  Please contact RSA Customer Support and request RKM Server 2.7.1.1 or a later fix if your RKM Server is at version 2.7SP1.
NotesBZ69011
KMSRV-248
Legacy Article IDa37230

Attachments

    Outcomes