How to enable SSL Trace logging in TIBCO Data Virtualization?

How to enable SSL Trace logging in TIBCO Data Virtualization?

book

Article ID: KB0073790

calendar_today

Updated On:

Products Versions
TIBCO Data Virtualization All Versions

Description

This article describes the process of enabling SSL Trace logging in TIBCO Data Virtualization.

Issue/Introduction

How to enable SSL Trace logging in TIBCO Data Virtualization?

Resolution

There are two ways to enable the SSL Trace logging:
  1. From TDV Studio (Studio -> Administration -> Configuration)
  2. Using JRE.
 Note:The Studio version will not give as much logging as the JRE options, but the JRE options can slow down the server if they are handling many requests. Sometimes we need the SSL logging increased, though.
 
1. Enable from TDV Studio 
  • Set Studio > Administration > Configuration > Server > Communications > Generate SSL Diagnostics (On Server Restart) to True
  • Restart TDV Server
​         User-added image

2. ​ Enable SSL settings using JRE options
  • Copy <TDV_install_dir>/conf/script_env.sh.sample to script_env.sh
  • Get the current JVM args from cs_monitor.out log, starting with –server and all the args that start with "-XX:". Create one line from them to add to the script_env.sh file, and then add the GC args to this line, like this:
 -server -XX:NewRatio=6 -XX:-UseGCOverheadLimit -XX:+HeapDumpOnOutOfMemoryError "-XX:HeapDumpPath=<<TDV Install Dir>>/logs" -XX:PermSize=64m -XX:MaxPermSize=256m -XX:-ReduceInitialCardMarks -XX:+ExplicitGCInvokesConcurrent -XX:+UseConcMarkSweepGC  -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps
 
  • Uncomment (don't copy) the last 2 lines in script_env.sh and add the above line to the CIS_SERVER_VM_ARGS= line, like this 
 CIS_SERVER_VM_ARGS=-server -XX:NewRatio=6 -XX:-UseGCOverheadLimit -XX:+HeapDumpOnOutOfMemoryError "-XX:HeapDumpPath=<<TDV Install Dir>>/logs" -XX:PermSize=64m -XX:MaxPermSize=256m -XX:-ReduceInitialCardMarks -XX:+ExplicitGCInvokesConcurrent -XX:+UseConcMarkSweepGC -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps 
  • Export CIS_SERVER_VM_ARGS 
  • Add one of these args to the end of the args line. (These are the 2 settings you can add. Sometimes we need “all”, but it creates a lot of logging and really slows down TDV. The second option creates less logging and is usually sufficient) 
  • -Djavax.net.debug=all
  • -Djavax.net.debug=ssl,handshake,keymanager,trustmanager,sslctx
For example: 
 CIS_SERVER_VM_ARGS=-server -XX:NewRatio=6 -XX:-UseGCOverheadLimit -XX:+HeapDumpOnOutOfMemoryError "-XX:HeapDumpPath=<<TDV Install Dir>>/logs" -XX:PermSize=64m -XX:MaxPermSize=256m -XX:-ReduceInitialCardMarks -XX:+ExplicitGCInvokesConcurrent -XX:+UseConcMarkSweepGC -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Djavax.net.debug=all
  • Stop TDV using the command line  - <TDV_install_dir>/bin/composite.sh monitor stop
  • Make sure the server is stopped (ps -ef | grep java) 
  • Start the TDV instance - <TDV_install_dir>/bin/composite.sh monitor start
  • Now look at the <TDV_install_dir>\logs\cs_server.out.<latest timestamp> file. You should see the newly added configuration (-Djavax.net.debug) in cs_server.log.  
  • Now try to replicate the issue and capture the timestamps.
Note: To stop logging, rename script_env.bat or script_env.sh to script_env.bat.bak and restart TDV server.
Powered by Wolken Software