Thursday, 6 November 2014

IBM BPM - BPMConfig, Response Files and Escape Characters

This follows on from these two posts: -

This time around, I am using the BPMConfig command to create a BPM 8.5.5 Deployment Environment: -

/opt/IBM/WebSphere/AppServer/bin/ -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/

which keeps failing with: -

/opt/IBM/WebSphere/AppServer/bin/ -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/ 
Logging to file /opt/IBM/WebSphere/AppServer/logs/config/BPMConfig_20141106-213359.log.
Validating the profile registry.
Configuring the deployment manager.
Creating the deployment manager profile.
The following validation errors were present with the command line arguments: 
signingCertDN: Enter only one value for the signingCertDN parameter.
importSigningCertKS: importSigningCertKS cannot be empty.
importSigningCertKSType: importSigningCertKSType cannot be empty.
importSigningCertKSAlias: importSigningCertKSAlias cannot be empty.
CWMCB0003E: A profile was not created for Dmgr01.
The ' -create -de /mnt/hgfs/SoftwareLibrary/ResponseFiles/' command failed. For more information, see the log file /opt/IBM/WebSphere/AppServer/logs/config/BPMConfig_20141106-213359.log.

and: -

2014-11-06 21:38.48.231 Result of executing /opt/IBM/WebSphere/AppServer/bin/ -create -templatePath BPM/BpmDmgr -profileName Dmgr01 -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01 -cellName PCCell1 -nodeName Dmgr -hostName -serverType DEPLOYMENT_MANAGER -enableAdminSecurity true -adminAliasName CellAdminAlias -adminUserName wasadmin -adminPassword ******** -personalCertDN,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US -signingCertDN,ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword ******** -winserviceCheck false: 1
2014-11-06 21:38.48.231 RETURN 1
2014-11-06 21:38.48.231 RETURN Result of execution: 1
2014-11-06 21:38.48.237 CWMCB0003E: A profile was not created for Dmgr01. CWMCB0003E: A profile was not created for Dmgr01.


This is because I'm using the following line: -

bpm.dmgr.profileOptions=-personalCertDN "\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -signingCertDN "\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd "\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -signingCertDN "\\,ou=Root Certificate\\,ou=bpm85Cell\\,ou=bpm85Node1\\,o=IBM\\,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd

in my response file - - to override the defaults that BPMConfig uses when it creates a profile, as described here: -

Long story short, this was again down to the use of escape characters, which differs from my prior experience ( as per the previous blog posts ).

After much trial and error, I tested this hypothesis by manually executing the manageProfiles command using the exception listed above: -

/opt/IBM/WebSphere/AppServer/bin/ -create -templatePath BPM/BpmDmgr -profileName Dmgr01 -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01 -cellName PCCell1 -nodeName Dmgr -hostName -serverType DEPLOYMENT_MANAGER -enableAdminSecurity true -adminAliasName CellAdminAlias -adminUserName wasadmin -adminPassword passw0rd -personalCertDN ",ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US" -signingCertDN ",ou=Root Certificate,ou=bpm85Cell,ou=bpm85Node1,o=IBM,c=US" -personalCertValidityPeriod 15 -signingCertValidityPeriod 25 -keyStorePassword passw0rd -winserviceCheck false: 1

which now completes with: -

INSTCONFSUCCESS: Success: Profile Dmgr01 now exists. Please consult /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/logs/AboutThisProfile.txt for more information about this profile.

The solution ?

In this case, I did NOT need to use the escape characters ( \ or \\ ) but I did need to use double-quotes ( "" ) to wrap up the certificate Distinguished Names.

Another lesson learned.

"Every day is a school day!"

No comments: