add doc for troubleshooting AT-TLS Zowe Desktop issues#4701
Conversation
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
MarkAckert
added
area: docs
|
😺 Thank you for creating this PR! To publish your content to Zowe Docs, follow these required steps.
Need help? Contact the Doc Squad in the #zowe-doc Slack channel. |
| Upgrade to Zowe 3.4.0 if available, OR add required metadata manually to the ZLUX app in the APIML Discovery service. The metadata will need to be added after any restart of Zowe. Contact your conformant support provider for assistance. | ||
|
|
||
| The metadata that should be added to the ZLUX eureka app: | ||
| - `apiml.corsEnabled`: `true` | ||
| - `apiml.corsAllowedOrigins` : `https://<your_zowe_host>:<catalog_port>,https://<your_zowe_host>:<gateway_port>` |
There was a problem hiding this comment.
Is there no way to provide these via properties? I think it's quite complicated to add these after every restart considering it requires direct access to the eureka API and client certificate authentication.
There was a problem hiding this comment.
There's no way to provide this via properties that I could find. The metadata is all populated in code. I agree the workaround is possible but a huge pain; maybe it's better to simply say wait for 3.4.0?
There was a problem hiding this comment.
I think it will be very difficult for customers to update the metadata of the zlux service based on these steps alone (I'm thinking about the client certificate requirement, finding the correct endpoint and parameters to provide). Maybe we should include those details to the instructions?
There was a problem hiding this comment.
Yeah, I omitted that in favor of Contact your conformant support provider for assistance. I can move this to the front of the statement. I'll take a stab at writing out the details in an expandable block, but my impression was this is too much for most users to work through on their own, even with some instruction in the doc.
There was a problem hiding this comment.
@pablocarle are any specific user permissions required to update the service metadata? Is this endpoint protected by APIML.SERVICES ?
There was a problem hiding this comment.
No, only requirement is to provide client certificate authentication with a trusted cert
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
Signed-off-by: Andrew Jandacek <andrew.jandacek@broadcom.com>
janan07
left a comment
janan07
left a comment
There was a problem hiding this comment.
Reviewed and edited by Doc Squad
skurnevich
left a comment
skurnevich
left a comment
There was a problem hiding this comment.
Just realized that square brackets would not work here, should be written as other arrays
😨 you're right - I got that array syntax working in a test environment, but had trouble with it in others. I'll switch it. |
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
Signed-off-by: MarkAckert <mark.ackert@broadcom.com>
5 participants
Describe your pull request here:
Adds doc describing possible issues with Zowe Desktop apps in AT-TLS mode, and their fixes.
Related PRs (fixes coming in 3.4.0):
zowe/zss#797
zowe/zlux-server-framework#617
List the file(s) included in this PR:
docs/user-guide/configuring-at-tls-for-zowe-server.md