To disable TLS for NFM-P XML API clients

Purpose

The following steps describe how to disable TLS for all XML API clients in order to support OSS clients in a non-secure environment.

Note: Disabling TLS on the XML API also disables TLS for all clients that use the XML API, and for NFM-P GUI clients. Browser-based clients are unaffected, and must use HTTPS for access.

Note: Disabling TLS on the XML API disables the NFM-P REST API, which can operate only when secured using TLS.

CAUTION

Service Disruption

Performing the procedure involves stopping and starting each main server, which is service-affecting.

You must perform the procedure only during a scheduled maintenance period of low network activity.

Note: You require the following user privileges on the main server station:

root
nsp

Note: The Bash shell is the supported command shell for RHEL CLI operations.

Note: The following RHEL CLI prompts in command lines denote the active user, and are not to be included in typed commands:

# —root user
bash$ —nsp user

Steps


1	Perform the following steps on each main server station to stop the main server. Note: In a redundant system, you must stop the standby main server first. Log in to the main server station as the nsp user. Enter the following: `bash$` `cd /opt/nsp/nfmp/server/nms/bin ↵` Enter the following: `bash$` `./nmsserver.bash stop ↵` Enter the following: `bash$` `./nmsserver.bash appserver_status ↵` The server status is displayed; the server is fully stopped if the status is the following: `Application Server is stopped` If the server is not fully stopped, wait five minutes and then repeat this step. Do not perform the next step until the server is fully stopped. Enter the following to switch to the root user: `bash$` `su ↵`
2	When the main servers are stopped, perform the following on each main server station. Enter the following: `#` `samconfig -m main ↵` The following is displayed: `Start processing command line inputs...` `<main>` Enter the following: `<main>` `configure oss no secure back ↵` The prompt changes to `<main configure>`. Enter the following: `<main configure>` `back ↵` The prompt changes to `<main>`. Enter the following: `<main>` `apply ↵` The configuration is applied. Enter the following: `<main>` `exit ↵` The samconfig utility closes.
3	Perform the following on each main server station to start the main server. Note: In a redundant system, you must start the primary main server first. Enter the following to switch back to the nsp user: `#` `exit ↵` Enter the following: `bash$` `cd /opt/nsp/nfmp/server/nms/bin ↵` Enter the following: `bash$` `./nmsserver.bash start ↵` Enter the following: `bash$` `./nmsserver.bash appserver_status ↵` The server status is displayed; the server is fully initialized if the status is the following: `Application Server process is running. See nms_status for more detail.` If the server is not fully initialized, wait five minutes and then repeat this step. Do not perform the next step until the server is fully initialized.
4	Close the console window.
5	On each XML API client station, modify the URL that the client uses to reach the main server. Change https: to http:. Change the URL port value from 8443 to 8080. End of steps