Web Help Desk discovery connection with JSS 9.61

pbenham
Contributor

Quick question:

Anyone out there in JSS land using Web Help Desk with a Casper 9 discovery connection? If so are you seeing errors after upgrading to JSS 9.61?

Looks like there is an issues as JSS 9.61 switched SSL 3.0 for TLS (from the release note - [D-007876] The default server.xml file now only supports Transport Layer Security (TLS) and disables support for Secure Sockets Layer (SSL) v3.0.). Web Help Desk now errors out for us with this:

Encountered error(s) during synchronization:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

So...anyone seeing this? I have had conversations with both JAMF and Solarwinds (Web Help Desk) about this and I'm trying to collect info to pass on to them.

Cheers

Paul

14 REPLIES 14

pat_best
Contributor III

We have our discovering connection set up, but have not done a sync since 9.61 upgrade. I would be happy to run a sync and see what happens. It sounds like the sync does not occur at all? My only hesitation would be if you have already experienced corrupt database info. So I am clear, all you have seen is a no-go on a sync not data loss or corruption?

pbenham
Contributor

No data corruption. It's just that the sync does not complete. I wouldn't have noticed it either only I had a note to go and remove our old Casper 8 discovery connection last week (after the 9.61 update) and I saw it then.
Let me know if you are able to confirm what I'm seeing, or not!
Thanks

Paul

pat_best
Contributor III

JSS 9.61 and WHD version 12.1 and I have the same error

pbenham
Contributor

Hi Pat,

we have fixed the discovery connection issue between WHD and the JSS. Let me know if you'd like our process (if you haven't already worked it out for yourself).

Cheers

Paul

damienbarrett
Valued Contributor

I'd like to know how to fix this. I've been unable to find a solution yet.

pbenham
Contributor

Drop me a line at pbenham@bates.edu and I'll get you the info that we used.

Cheers

Paul

cmarker
Contributor

I'm also having the same issue with 9.61 and Web Help Desk.

khatem
New Contributor

I would also like to know how to fix this. I'm using 9.62.

CasperSally
Valued Contributor II

It's related to the poodle vulnerability and effects earlier versions of JSS if you manually fixed it using the JAMF KB here

https://jamfnation.jamfsoftware.com/article.html?id=382

This vulnerability is fixed in newer versions of JSS.

Backup the server.xml file first, but try to remove the line suggested in step 3 to see if that fixes it. IF it doesn't, put the server.xml file back
<<
1) Open the server.xml file in a text editor.
2) The server.xml file is located in /path/to/JSS/Tomcat/conf/.
3) Add the following attribute to the Connector element for port="8443" after the sslProtocol="TLS" attribute:
sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
4) Save and close the server.xml file.
5) Restart Tomcat.>>

Of course this is less than ideal, less secure. We are putting a solarwinds ticket in on it, you all should too. Other user posted in earlier thread his ticket number with them (714076) with them so hopefully if enough people complain they'll address. And maybe someday they'll support iOS syncing?

khatem
New Contributor

I also updated my WHD from 12.1 to 12.2 and now it works.

BVikse
New Contributor III

@khatem so you left the lines in server.xml in place and just updated WHD?

khatem
New Contributor

That is correct Vikse.

Malcolm
Contributor II

@pat.best Hmm been looking for a ticket system to integrate with JSS, do you know if the free version of Web Help Desk integrates with it?

pat_best
Contributor III

@Malcolm I don't have any information on that. I actually don't work in that environment anymore. Let me page @ncottle for you to see if he has any info for you!