Has anyone got this to setup, I am trying to setup a test lab with
vsphere 6.7
horizon 7.5
appvolumes 2.14
uem 9.4
but I can't get the jmp server to register, it keeps saying
and I can't figure out the logs to see more. If I go to the jmp server with a webbrowers I see a 404, which I can't figure out is expected or not, I think so since this is probably just an server to make api calls to. I am using all self signed certificated, but I copied each of the verts to the folders listed in
but I can't seem to get it to work. Any suggestions would be great
av-selfsigned.cert.pem
I got it to work finnally. The last error I got was
To get it to work I had add my admin account directly in horizon, I couldn't use the ad group I had set for administrators. Then I needed to logon directly to the horizon console, before I used the horizon console from the flash interface. I think thats the token based session. Once I did both of these the jmp server validated successfully.
Can you share the http response for login call(JMP Server registration call)?
Have few questions:
1. Is your Jmp server's self signed certificate replaced with CA signed?
2. Are the jmp server services up? Try hitting this url from your browser https://<jmp-server-ip>/xmp/system/versions , it should return 200 OK.
3. Is the horizon certificate copied into "/vmware/jmp/com" folder as "horizon.cert.pem".
4. Are you logged into horizon as domain/admin or are you using horizon servers local account?
I'm not near in right now but I wanted to answer the other questions. I'll check the http resoponse when I can.
1. Is your Jmp server's self signed certificate replaced with CA signed?
No I'm using all self signed certs. I setup a small lab to test this, previous labs didn't need real certs.
2. Are the jmp server services up? Try hitting this url from your browser https://<jmp-server-ip>/xmp/system/versions , it should return 200 OK.
thanks for this, going directly to the https://<jmp-server-ip> provides a 503 tomcat error if I remember, I'll try this url later
3. Is the horizon certificate copied into "/vmware/jmp/com" folder as "horizon.cert.pem".
I have both the horizon and appvolumes certificates here, both self signed
4. Are you logged into horizon as domain/admin or are you using horizon servers local account?
using the domiain\admin account.
This is all in vmware workstation in two nested esxi servers so I'm not sure if thats related. Everything is on the same subnet.
{"success":"ok","data":{"type":"Version","name":"v100","current":true,"deployment_mode":"wem","product_name":"VMware App Volumes XMP","version":"1.0.0","product_version":"1.0"}}
is what https://<jmp-server-ip>/xmp/system/versions returns. So it looks like the horizon part isn't working?
The response I get back when I try to add it is
{"code":403,"error":"Error: Unable to verify Horizon JWT","error_code":"1044","error_type":"horizonJwtVerificationError"}
I get this sometimes too
I got it to work finnally. The last error I got was
To get it to work I had add my admin account directly in horizon, I couldn't use the ad group I had set for administrators. Then I needed to logon directly to the horizon console, before I used the horizon console from the flash interface. I think thats the token based session. Once I did both of these the jmp server validated successfully.
I've tried the same steps that you described here and when browsing to https://<jmp-server-ip>/xmp/system/versions it's successfull. However when I browser directly to https://<jmp-server-ip> I get an nginx 404 error. There doesn't seem to be anything that sticks out in the nginx logs either.
Has anyone else come across this 404 error?
All of the other steps that are suggested I can verify are correct.
Anyone have any further ideas or things to lookout for troubleshooting?
the 404 nginx error is expected I think, you never go there directly, you access the jmp services from the new horizon console. I've installed this in two different enviornments now successfully. To get the true error codes enable web developer tools in a browser like firefox to watch the http requests
Network Monitor - Firefox Developer Tools | MDN
go to the new admin console on the connection server and attempt to add the jmp server. Look at the last request that was attempted, if you click on the response from that attempt its where I got the message. The key things I learned that I don't think are in the instructions
1.)The account you are logging into the newadmin console needs to be added directly to the administrators group in horizon. I had a AD group we use for administrators, but it looks like the API doesn't like the security groups
2.)You need to go directy the to new admin console(https:/connectionserver.url.new admin. You can't go through the old console and click on the horiozn console button at the top, that uses a token based login, which the jmp server doesn't like
Out side of this the other most important part is to make sure the ssl certificates from appvolumes and horizon are in the jmp/com folder listed here
,
Configuring TLS Certificates and Cipher Suites for JMP Server
Hey sjesse,
Did you got a 504 error in your troubleshoot?
504 Gateway Timeout
Request URL: https://jmpserver/xmp/jmp/login
I'm checking with the developer tool in Chrome Browser.
I'm able to connect HTTPS 443, Horizon CS and JMP are in the same network.
Every service is up and running, and certificates ok as well.
Using Self-Signed for JMP and got both CA-Signed (Horizon and AppVolumes) in the COM folder.
Domain Account added in Horizon Administrator as well.
When i try to Add the JMP server and hit save, it connects and after a few seconds, it shows the 504 error.
Any ideas?
Thanks
I did not see that issue. See if you can ping the server from the horizon connection serer, and from your desktop. Also make sure the jmp server has proper dns, you just have jmpserver as the fqdn. Since this requires ad make sure its connected to the domain and then when you add it use the full domain name.
Hey,
Yes, i can ping from the Horizon CS and Desktop.
I'm also using a proper dns configuration, with fqdn, registered in domain/dns, everything works.
Could you please confirm for me what it shows, using this url for your environment: https://yourjmpserver.com/xmp/jmp/login
For me is this message: {"code":"NotFound","message":"/xmp/jmp/login"}
Just checking if it trying to connecting to a service/api that is not properly running or if this is a common message for it.
Thanks,
In the horizon server new admin console where you add the jmp server its just the jmp.server.com address. Don't add anymore.
Actually its the https://jmp.server.com address don't add the part after the /
Actually I'm experiencing this exact same thing as mouraMXmouraMX too.
I have been using the developer view as suggested by sjesse a few posts early to further troubleshoot and thats the same error in regards to https://yourjmpserver.com/xmp/jmp/login that I'm seeing in the Network view of developer mode in Firefox. Very odd to say the least.
If you are using self signed certificate for JMP server, make sure you add certificate exception to browser and then try registering jmp server. Hit the url https://<jmp-server-ip>/xmp/system/versions and add exception to your browser.
I've also tried this as well and today did a fresh install in our test environment and got similar results only this time it says the horizon certificate is missing. I've definitely exported the self-signed cert created during the Horizon 7 install to the correct location on the JMP server yet still no luck.
At this point I'm at a complete loss for where to go next and feel like a crazy person. Anyone have any other suggestions or experienced similar issues?
Thanks for everyone's response already as well. Appreciate it!
check that the certificate added to jmp server(horizon and av certificates) have .pem extension not .cer extension
How I got the certificates was to go to the page in a web browser, open the certificate, and then export it. Make sure you pick the base 65 option, and then check the extension. Mine kepts saying as .cer so I used a command prompt and the move command to change it to the correct extension. I think if you do it this way your doing it the same way the JMP server needs to so you know you have the correct cert.
ok, so after deleting my Horizon servers, which had already been through several version upgrades, and re-installing the JMP server along with using the .pem cert extension instead of .cer for both the App Volumes and Horizon certificates I've now finally got everything up and running and integrated.
Thanks for everyone's suggestions and help, they've been much appreciated!