Hi,
Yeah there are issues. Previously jmx.web.console.ssl.* config was done in wrapperContext.xml (for DM) and applicationContext.xml (for Executionserver). Sometime after v5.0.2 this moved to the distributed.properties file. This config does not get upgraded so manual intervention is required.
Repository – even if your previous server.xml is configured only for https post upgrade seems to reenable non https too – so you have to manually comment out that section again.
Non ssl related
tomcat-users.properties in the repository does not get upgraded.
If you set RUN_AS_USER= in any of the start scripts for INIT integration – this gets wiped.
The new 64bit agent installer doesn’t even have a RUN_AS_USER= option, even though the install stdout instructions tell you to find and edit accordingly – I had to add this in manually ☹.
The watchdog script doesn’t work with ssl – you have to add a ‘-k’ to the curl command (this is not upgrade to v5.5.2 specific – simply missed by CA Dev in all ) – I raised a support case for this, and advised them of the problem and the fix. Bearing in mind this is a paid for product and this particular script is part of the core HA functionality and is a script not a config file, the response was that I, a customer, should make the edit to the script myself and the fix CA were proposing was to add some text to the online v5.5 documentation. WOW! I’d expect that kind of behaviour from open source not a paid for product – very cheeky.
The nolio_server.sh script has a bit of logic to determine the OS – there is a ‘tr’ command in it that needs modifying – by either surrounding the pattern match with single quotes or removing the square braces altogether. Bad scripting.
There are heaps more like this but I need to get back to my day job and stop moonlighting (albeit unpaid and without any agreement) as one of CA’s RA debug/test team.
I can only assume the CA RA test team are focusing their testing elsewhere?
Cheers
Stuart