Home
CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
CERT+ Troubleshooting Guide
Troubleshooting Server, Firewall and WAF CLM Integrations
Troubleshooting Microsoft Tomcat

CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
PKI+
Provision, govern and scale private trust certificates with a Post Quantum ready cloud based Enterprise PKI-as-a-Service.
SIGN+
Secure software, firmware, and containers with a comprehensive enterprise code signing solution.
SSH+
Control SSH access and key rotation at scale with an SSH key lifecycle management solution.
KUBE+
Unify DevOps and Security teams by managing certificates with a Kubernetes-native certificate lifecycle management solution.
DDI+
Manage domain registration, renewal, decommissioning, and other security controls with an end-to-end domain lifecycle management solution.
ADC+
Automate and orchestrate application delivery infrastructure at scale with an ADC lifecycle automation platform.
Platform
Manage policy and automation across all of the products and modules in the AVX ONE platform.
AppViewX Setup
Get detailed instructions for setting up AVX ONE in on-premises or SaaS deployments.
Release Artifacts
Review new features, fixes, and security advisories with official AppViewX release documentation.

Troubleshooting Microsoft Tomcat

This section helps you troubleshoot the common problems that you might encounter when using certificate server functionalities. This guide will give more troubleshooting processes on server addition, deletion, import, export, push, bind, rollback, and other actions associated with Microsoft Tomcat server.

Issues in Microsoft Tomcat Server Addition using AppViewX UI


Error Message	Possible Cause	Possible Solution
Device Name already exists.	A device with the same name exists in inventory.	Check the Device name, it should be unique.
Details incorrect	Some of the mandatory fields might be missing or might be invalid.	Add all the valid information in the mandatory section.

Issues in Communicating to Tomcat Server


Error Message	Possible Cause	Possible Solution
Device name cannot be null or empty.	Device name is empty.	Provide device name as it is a mandatory field.
Invalid device name.	Device Name is not valid.	The Device name can only contain alphanumeric characters, '-' , '_' , '.' , '*' , '\|' , '!' and spaces.
Communication to <hostname> has failed	Hostname / Username / Password of the device added might be wrong.	Click on the device name in the Inventory Page. Update the correct details and click Save.
Communication to <Hostname> has failed due to Error while communicating via windows agent service	Windows agent provided is not reachable	Check Windows agent is Up and running and update the valid agent in the device addition page.
Parsing for PTPLD178 completed. 0 ports parsed.	Invalid Tomcat Server path	Login manually into the windows server and find the Tomcat installation directory path and provide the same path in Server path attribute of tomcat device addition page
Error on fetching Tomcat instance, config fetch process failed due to df9cbf67-e1af-4d8c-8a7c-fe88bb83e0b3: PowerShell ScriptExecution Error in PTPLD178 : Cannot find path 'C:\tmp_1615504487924.tmp' because it does not exist.	Invalid Server path	Login manually into the windows server and find the Tomcat installation directory path and provide the same path in Server path attribute of tomcat device addition page

Issues in Accessing Server

Access Issues might be reproduced when communicating with servers while discovering or fetching configuration files. These errors can be collected either from logs, API responses, or in the status field for the particular server.


Error Message	Possible Cause	Possible Solution
Permission denied for file/location.	1. File might not be present in the avx environment. 2. user might not have permission to read in the given source location 3.Device communication might not be established when service has started.	1.Check whether someone deleted the file from AppViewX environment. 2. Verify if read permission is given for the location. 3.Verify the device connection and restart the service.

Issues in Config Fetch


Error Message	Possible Cause	Possible Solution
Communication to <hostname> has failed	Hostname / Username / Password of the device added might be wrong.	Verify the input details and check for device status error messages in the Issues in Communicating to Tomcat Server section.

Issues in Certificate Discovery


Error Message	Possible Cause	Possible Solution
Please provide information as required	Discovery name is not given or length is less than 2 characters. Interval between batches info. is missing when execution type is sequential.	Enter a valid name with a minimum of 2 characters. Provide a time interval between batches in minutes.
Please select a device	No device is selected in the “Discover By” section.	Select at least one device to discover certificates from.

Issues in CSR generation


Error Message	Possible Cause	Possible Solution
Problem while generating csr on target server	General Failure - SSH/SFTP communication failure	Provide correct credentials and make sure device communication is successful.
Invalid key type specified in the request	Given key type might not be supported by open SSL in the target machine.	Provide valid key type.
Problem while generating csr on the target server.	Location might not have permission.	Check the permission and provide it.
CSR and Private key has been failed	Open SSL configuration might be wrong in the target machine.	Check and correct open SSL configuration in the device.
CSR generation got failed	User has restricted access to the path configured for the “CSR FileName” and “Key File name”	Kindly ensure the user configured for device addition has read/write access to the path configured.

Issues in Push and Rollback


Error Message	Possible Cause	Possible Solution
Unable to initiate request.	Pushing to device when certificate is unavailable, i.e, in a new state. Previous work order is in progress and not completed. AppConnector might not be in sync.	Push to device after certificate has been retrieved from CA. Initiate push after previous work order is finished. Synchronize the AppConnector and retry.
Unable to initiate request, template is in disabled state	Given workflow is not in enabled state	Enable the push/rollback workflow from the Workflow section.
User is not authorized	User does not have required permissions to push to the device.	Retry after getting the access for required action.
Private key content is unavailable.	Private key content is not available for the certificate.	Private key is mandatory for the certificate to be pushed.
Application connector(s) not found	Application connector info was not found.	Provide the correct connectorId if not pushing using AppViewX UI.
Request associated with the application connector is in progress	Previous work order is in progress and not completed.	Initiate this request after the previous work order is finished.
Push not triggered or succeeded or No existing data available for backup process.	Rollback couldn’t proceed because push was not successful.	Only successfully pushed certificates can be rolled back.
Certificate not found.	Pushing to device when certificate is unavailable, i.e. in a new state.	Push to device after certificate has been retrieved from CA.
Certificate Push failed	User has restricted access to the path configured to push the certificate in the application connector	Kindly ensure the user is configured while device addition has the read/write access to the path configured in application connector to certificate push.
Certificate push failed due to Private key In device configured. But key content is available with the certificate from appview pushRequest So failing push request.	“Private key in Device” is enabled in application connector and also private key is available in the certificate	Ensure “Private key in Device” attribute in application connector is unchecked.
PrivateKey in device push invalid	“Private key in Device” is enabled in application connector, but key is not available in device.	Ensure to enable “Private key in Device” attribute in application connector, if the certificate does not have the key and the certificate is generated using CSR gen option from Device.

AppViewX