Verified Answers

If an answer to your question is correct, click on "Verify Answer" under the "More" button. The answer will now appear with a checkmark. Please be sure to always mark answers that resolve your issue as verified. Your fellow Community members will appreciate it!  Learn more

  • State Verified Answer
  • Replies replies
    15
  • Subscribers subscribers
    206
  • Views views
    373
  • Users 0 members are here
  • +1 person also asked this people also asked this
Related
Options

OBM 2022.05 upgrade to OA 12.27 issue

ANGIL

Problem after upgrade of OA from 12.22 to 12.27 on the 2022.05 OBM GW servers.  I already have a high priority case open on this, but I'd like to know if anyone has seen this. Every little bit helps.  2 DPs 2 GWs so it's a distributed environment on win2022 servers and the DPs are set as HA, Oracle DB, no LB.  We're having to upgrade OA to 12.27 on every server with an agent due to a CVE.  We're not prepared just yet for an OBM upgrade, which I know normally is the best way to upgrade OA on the OBM servers with the OBM install itself.  I upgraded to OA 12.27 on the DPs and the DPs start with no issues and OA looks good on both.  I upgraded to 12.27 on the GWs and every thing starts, but OA on the OBM servers and the managed nodes/agents starts buffering.  I reverted back to 12.22 on one GW to restore service.  It seems OA 12.27 runs fine until the GW is started then OA can't communicate.  I start seeing a lot of IO and SSL errors in the logs and when running opcagt it does not show a buffering status at the bottom of the output when ran on the GWs.  In our test environment we do not see this issue.  We only have 10 or so managed nodes/agents connected to our test environment, but in prod we have thousands.  Thank you.

Parents
  • 0  

    Hi Angil,

    The Operations Agent on the OBM servers cannot be independently upgraded as the agent ties in with the OBM software.

    You can open a support case to ask OpenText if they have Operations Agent updates available for your version of OBM.

    Thanks and regards,

    Tim

  • 0 in reply to   

    Hi Tim,

    I used to understand the same, but I found you can upgrade OA on the OBM servers without an OBM upgrade.  I sure it's best to upgrade OBM and let it upgrade OA, but timing to fix this CVE is not allowing me a complete upgrade of OBM.  Again we are on OBM 2022.05 and I'm trying to upgrade to 12.27 to fix CVE-2024-5532.  The SUMA shows that OA 12.27 is supported and co-exist with OBM 2022.05.

    https://portal.microfocus.com/s/article/KM000035731?language=en_US

    The upgrade on our test servers worked great and when starting the OBM gateways I see no issues.  It's in prod that OA has issues after starting the GW.  In prod OA 12.27 runs with no issue until the GW is started.

  • 0   in reply to 

    Hi Angil,

    If your Data Processing servers starting OK, you could try requesting new agent certificates for the Gateways.  It might be worth checking the asymmetric key length and hash algo settings on all 4 OBM servers and older certs are no longer compatible.  Maybe some of the default TLS settings have changed with the upgrade.

    Regards,

    Tim

  • 0 in reply to   

    I have already tried a remove and re-request of the cert on the broke GW, which did not help.  How do I check the asymmetric key length and hash also settings on the certs?

Reply Children
  • 0   in reply to 

    Hi Angil,

    You can run 'ovcoreid' to get the core id, then run 'ovcert -certinfo <coreid>'.

    You can also run 'ovconfget' to list out all the OA settings, or 'ovconfchg -edit' which will open the settings in notepad on Windows, where you can edit and save if you need to.  Most settings will take effect after you run 'ovconfchg' on its own, but some require an agent restart.

    It's worth looking for any differences with TLS and cipher settings too.

    Regards,

    Tim

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Cookies Preferences
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.