Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Unable to connect to the LEM appliance after upgrading to LEM 6.3

Unable to connect to the LEM appliance after upgrading to LEM 6.3

 

Problem Overview

When you connect LEM appliance on secure port 8443 using Microsoft® Internet Explorer® (IE) or the Desktop Console powered by Adobe® AIR® Runtime, an error message displays that prompts you to check Transport Layer Security (TLS) 1.0, 1.1, and 1.2. Connecting to the appliance on port 8080 does not generate an error message. 

OR

Simply no error message but just connection time out after few minutes if you applied HF5 ( in some cases)

Environment

  • LEM 6.3 and later 

Cause 

  1. LEM 5.7 and earlier generated a certificate using Message-Digest algorithm 5 (MD5) as the hash algorithm for certificates. This hash algorithm is incompatible with TLS 1.2, which is used in LEM 6.3 and later.
  2. In some cases this can happen after applying 6.3.1 HF5

Resolution

Use the confselfsignedcert command included in the LEM 6.3 management console to configure your LEM appliance to generate and use a new self-signed certificate. All existing certificates and CA information will be lost. 

  1. Open a cmc command prompt in VMware® vSphere®, Microsoft Hyper-v®, or an SSH client (such as PuTTY). 
  2. Access the management console.

    management_console.png

  3. At the cmc> prompt, type manager to access the manager menu.
  4. At the cmc::manager> prompt, type confselfsignedcert to create a new self-signed certificate. 
  5. When prompted, type y to continue.
  6. Follow the prompts on your screen to complete the certificate.
  7. Log back in to your appliance using IE or the LEM desktop console. 
 

 

Last modified
09:16, 10 Aug 2017

Tags

Classifications

Public