Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Log & Event Manager (LEM) > IE fails to connect to LEM

IE fails to connect to LEM

Updated March 10, 2017

Overview

IE (Microsoft Internet Explorer) version 11 may fail to connect to LEM after upgrades to 6.2.1 or 6.3.x.

Message: This Page can't be displayed.  Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings...

Environment

LEM versions 6.2.1 or 6.3.x and GUI-console (IE-web-based or air-based console)

Cause 

As of LEM version 6.2.1, we are using SHA512 instead of MD5 for the certificate signature algorithm.

In Microsoft IE version 8, 9 & 10, IE did not default of force TLS 1.2, whereas IE-11 does try to force the use of TLS 1.2.

So LEM versions 6.2.1 and before, we disabled the TLS 1.2 on IE to get IE to communicate with LEM.

 

On LEM 6.2.1 and later, LEM now uses SHA512 which prefers TLS 1.2.

As of LEM 6.3.x, LEM has a command (confselfsignedcert) to re-generate the certificate and eliminate the error with the certificate.

Resolution

  1. Open a Vsphere console connection (or putty session on port 32022) to LEM.
  2. Enter the "manager" menu > enter the "confselfsignedcert" to create a new certificate.
  3. Close the console connection.
  4. IE-11 should be working.


If using the air-based console:

  1. Open Vsphere console connection (or putty session on port 32022) to LEM.
  2. Enter the "manager" menu > enter the "confselfsignedcert" to create a new certificate.
  3. Enter the exportcert command to export the new certificate.
  4. Open the Microsoft MMC console, and add the "certificates" menu.
  5. Locate the Trusted Root Certification Authorities under mmc, and delete the existing LEM certificate (starts with TNS...).
  6. Using a right-click to add the new certificate, locate the new certificate and import to Trusted Root Certification Authorities
  7. The certificate should exist only under Trusted Root Certification Authorities, and no other location.
  8. The air-console should not be working.
 

 

Last modified

Tags

Classifications

Public