Jump to content

Node Manager offline


Hung-Ken Chien

Recommended Posts

I'm in the process of upgrading Spotfire Server 7.0.1 to 7.5.0. It's installed on an AWS instance of Windows Server 2012 R2. The previous setup also includes a Web Player Server, installed on the same AWS instance.

Upgrade of the Spotfire Server went fine. However, when I tried to set up the node manager in order to add Web Player Service, the status of the node is always offline.

The Server uses the default ports, 9080 and 9443, and I've changed the NM ports to 19080 and 19443 since it's on the same machine. I've made sure all the ports are open in the firewall and AWS security group. netstat command also confirms that the ports are listening. The administration console sees the node in "Untrusted Nodes", and I was able to "Trust" the node to move it to "Your Network". But after that, the node has a gray stop sign at the front, and the status says "Offline since".

Any suggestions are very much appreciated!

Edit:

As I looked at the nm logs, I saw the error below ("myIP" is a placeholder for my AWS instance's IP):

... [] nodemanager.trust.DelayUntilAuthorizedGate: Unable to use certificate to contact the server at Node [serverId=43ede777-016c-4ffd-bf95-3af6d8a4faef, serverName=myIP, port=9443, online=true, siteID=5c2c7b84-e1f4-4187-9799-85a2a48f0ebc] on port 9443: I/O error on POST request for "

Link to comment
Share on other sites

I ran into this exact same problem on Friday. In my case, when I looked in the logs for the Node Manager I found a message that said to look at Microsoft Knowledge Base article 2801679.

This article describes how an erroneous windows update had added 330 Third-Party root certification authorities to the Windows Registry. This causes some certificate lookups to fail resulting in TLS/SSL issues.

Sure enough, when I deleted the registry tree as described in the KB article my node started working.

I don't know if this is the same problem that you are having, but you could search in your node manager log file (C:tibcotsnm7.5.0nmlogs in my case) for 2801679.

Here is the full url for the Microsoft article:

https://support.microsoft.com/en-us/kb/2801679

Link to comment
Share on other sites

TIBCO Support was able to solve the problem. Essentially, it's related to the way AWS is configured--for any AWS instance, you have three "identifiers" to your server: the hostname (WIN-xxxxxxxx), private IP, and public IP. I'm not completely sure, but it looks like each identifier associates with a different SSL certificate. Mixmatching of these certificates caused the issue at hand.

The support staff edited the node manager properties and the bootstrap file to get a consistent match of server and certicate, which solves the problem. Those who encounter the same issue under AWS should probably talk to TIBCO Support directly to sort it out.

Also thanks to Dave for his help.

Link to comment
Share on other sites

  • 1 month later...
  • 2 years later...

Just in case anyone encounters this issue again: I did follow the process mentioned on this thread for removing the registry keys.

However, I also revoked the trust of my node manager and then re-registered it. Doing both of these steps fixed the problem.

I would guess that it was the second step that was the item that solved it, but I didn't try this prior to modifying the registry.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...