How to enable TLS debug logging for TERR Service (TERRSRV).
Article ID: KB0077355
Updated On:
| Products | Versions |
|---|---|
| Spotfire Enterprise Runtime for R - Server Edition | All Versions |
Description
Sometime it is necessary to enable TLS debug logs for TERR Service when there is communication issue.
For example: Could not create SSL/TLS secure channel (SecureFailure) between Web Player service and TERR Service.
To troubleshoot such issue we need to enable TLS debug log(s) under TERR Service which will show what is going on with the certificates handshake.
For example: Could not create SSL/TLS secure channel (SecureFailure) between Web Player service and TERR Service.
To troubleshoot such issue we need to enable TLS debug log(s) under TERR Service which will show what is going on with the certificates handshake.
Issue/Introduction
How to enable TLS debug logs for TERR Service (TERRSRV).
Environment
All Supported OS
Resolution
On the Node Manager machine where TERR Service is installed, navigate to the TERR Service directory.
Example : C:\tibco\tsnm\10.x.x\nm\services\TERR service Windows-1.1.0.48-da7fb1dc-43c8-4514-ae69-8f34fcf1ce3e
- Under this folder, take backup of file startTerr.bat before editing it.
- Once you have taken backup, open startTerr.bat in any text editor. At the bottom of the file, find the line that starts with
------------
SET COMMAND=..\..\..\jdk\bin\java -Dlog4j.configurationFile=%LOG4J% -jar %TERR_SERVICE_JAR% --tssUrl=%TSS_URL% --baseUrl=%BASE_URL% --server.port=%SERVER_PORT% --serviceId=%SERVICE_ID% --registrationPort=%REGISTRATION_PORT% --certificatePath=%CERTIFICATE_PATH%
-------------
- Add the specified properties in the file as below(Added properties are :- -Djava.security.debug=certpath:x509:ocsp -Djavax.net.debug=ssl:handshake )
--------------
SET COMMAND=..\..\..\jdk\bin\java -Djava.security.debug=certpath:x509:ocsp -Djavax.net.debug=ssl:handshake -Dlog4j.configurationFile=%LOG4J% -jar %TERR_SERVICE_JAR% --tssUrl=%TSS_URL% --baseUrl=%BASE_URL% --server.port=%SERVER_PORT% --serviceId=%SERVICE_ID% --registrationPort=%REGISTRATION_PORT% --certificatePath=%CERTIFICATE_PATH%
---------------
- Save this file and restart the Node Manager service.
- In the log(s) file directory(For example: C:\tibco\tsnm\10.x.x\nm\logs), the terr-service-(guid).log file should now show debug logging and information related to the certificates handshake.
Example : C:\tibco\tsnm\10.x.x\nm\services\TERR service Windows-1.1.0.48-da7fb1dc-43c8-4514-ae69-8f34fcf1ce3e
- Under this folder, take backup of file startTerr.bat before editing it.
- Once you have taken backup, open startTerr.bat in any text editor. At the bottom of the file, find the line that starts with
------------
SET COMMAND=..\..\..\jdk\bin\java -Dlog4j.configurationFile=%LOG4J% -jar %TERR_SERVICE_JAR% --tssUrl=%TSS_URL% --baseUrl=%BASE_URL% --server.port=%SERVER_PORT% --serviceId=%SERVICE_ID% --registrationPort=%REGISTRATION_PORT% --certificatePath=%CERTIFICATE_PATH%
-------------
- Add the specified properties in the file as below(Added properties are :- -Djava.security.debug=certpath:x509:ocsp -Djavax.net.debug=ssl:handshake )
--------------
SET COMMAND=..\..\..\jdk\bin\java -Djava.security.debug=certpath:x509:ocsp -Djavax.net.debug=ssl:handshake -Dlog4j.configurationFile=%LOG4J% -jar %TERR_SERVICE_JAR% --tssUrl=%TSS_URL% --baseUrl=%BASE_URL% --server.port=%SERVER_PORT% --serviceId=%SERVICE_ID% --registrationPort=%REGISTRATION_PORT% --certificatePath=%CERTIFICATE_PATH%
---------------
- Save this file and restart the Node Manager service.
- In the log(s) file directory(For example: C:\tibco\tsnm\10.x.x\nm\logs), the terr-service-(guid).log file should now show debug logging and information related to the certificates handshake.
Feedback
Yes
No
Powered by
