IBM Support

Cloud Pak for Security: Cases Upstream Connect Error from Connection Failure

Troubleshooting


Problem

Logging in to the Cloud Pak for Security (CP4S) web interface is successful, but launching the Cases Application produces the following error message:
"upstream connect error or disconnect/reset before headers. reset reason: connection failure".

Symptom

The isc-cases-application pod shows as running at less than 8/8 (or 9/9 for Cloud Pak for Security release 1.10) which implies that not all of the containers are running. For example, you observe the pod is at 7/8 or less.

Cause

The problem relates to the "isc-cases-customer-license" secret:
  • The name of the key used in the secret is incorrect. It must be called license.key and nothing else.
  • The data within the secret itself either has the wrong content or has an expired the license key.

Diagnosing The Problem

Before you begin
Using the command-line interface, log in to the Red Hat OpenShift Cluster by using an admin login ID or with an admin token.
Note: In the following examples replace $CP4SNAMESPACE with the Cloud Pak for Security namespace you chose when the product was installed.

Referenced Key Name Is Incorrect

Run the following command.

$ oc -n $CP4SNAMESPACE describe secret isc-cases-customer-license
For example: 
$ oc -n cp4s describe secret isc-cases-customer-license
Name:         isc-cases-customer-license
Namespace:    cp4s
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
mysoar.key:  468 bytes

This example output has the key name set incorrectly as "mysoar.key".

Key Used is Invalid

  1. Run the following command: 
    $ oc -n $CP4SNAMESPACE describe secret isc-cases-customer-license
    For example: 
    $ oc -n cp4s describe secret isc-cases-customer-license
Name:         isc-cases-customer-license
Namespace:    cp4s
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
license.key:  485 bytes
    The following example output has the key name set correctly as "license.key" but as the problem persists we need to check the contents of the secret.
  2. Run the following command to show the contents of the secret: 
    $ oc -n $CP4SNAMESPACE extract secret/isc-cases-customer-license --to -
-----BEGIN LICENSE-----
AB+3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345
6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB
CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01
23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567
89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD
EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123
4567890ABCD==
-----END LICENSE-----
    If the contents revealed do not match that of a valid key, then a valid key is required.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTDPP","label":"IBM Cloud Pak for Security"},"ARM Category":[{"code":"a8m0z0000001h8pAAA","label":"Cases"},{"code":"a8m0z0000001h8uAAA","label":"Install"}],"ARM Case Number":"TS008386044","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.7.2;1.8.0"}]

Document Information

Modified date:
28 October 2022

UID

ibm16555326

Page Feedback