No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
eSight V300R010C00SPC200, 300, and 500 Single-Node System Software Installation Guide (Windows) 18
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Do I Do If the Third-Party System Fails to Be Interconnected After the Patch Is Installed

What Do I Do If the Third-Party System Fails to Be Interconnected After the Patch Is Installed

Question

What do I do if the third-party system fails to be interconnected after a patch of eSight V300R010C00SPC630 or a later version or a patch of V300R010C00CP5030 or a later version is installed?

Answer

The cause is that the insecure CBC encryption algorithm is deleted from the patch version. You can perform the following operations to add the corresponding encryption algorithm:

  1. Log in to the current eSight server as the ossuser user.

    In a HA scenario, you need to perform the operations only on the active server.

  2. Add the configuration item ssl.include.ciphers to the configuration file /opt/eSight/AppBase/etc/oms.ros/ros_config_esight.xml and set its value as follows:

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<webservers>
        <webserver name="rosOpenAPIROA">
                <connectors>
                        <connector name="openapiROAConnector" type="https">
                                <property name="ip" value="10.243.1.42"/>
								<property name="ssl.include.ciphers" value="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;TLS_RSA_WITH_AES_256_CBC_SHA256;TLS_RSA_WITH_AES_256_CBC_SHA;TLS_RSA_WITH_AES_128_CBC_SHA256;TLS_RSA_WITH_AES_128_CBC_SHA"/>
                        </connector>
                </connectors>
        </webserver>
        <webserver name="rosRoaIntegrateROA">
                <property name="roa.server.ip.white.list.enable" value="false"/>
                <connectors>
                        <connector name="roaIntegrateROAConnector" type="https">
                                <property name="ip" value="10.243.1.42"/>
                        </connector>
                </connectors>
        </webserver>
</webservers>

  1. After the modification, restart eSight for the configuration file to take effect. Interconnect with the third-party system again.
Translation
简体中文
Download
Updated: 2022-02-11

Document ID: EDOC1100044388

Views: 352439

Downloads: 1231

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :