Current Situation:

• Configuration Details:

  • WSMan service is configured on IP address 77.95.244.73.

  • Polling command used: poll -c org.opennms.netmgt.poller.monitors.WsManMonitor 77.95.244.73 resource-uri="http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32_Service" selector.Name="SNMP" rule="#State matches 'Running' and #Status matches 'OK'"

  • Issue encountered: Service is reported as down with the error javax.xml.ws.soap.SOAPFaultException: No CallbackHandler available to garner authentication information from the user.

Enhancement Request: The customer requires the ability to use certificate-based authentication with WSMan in OpenNMS. The current setup involves using certificates signed by the same CA and requires HTTPS/SSL, as insecure protocols are not an option. There is a need to support certificate-based authentication without relying on username and password credentials.

Additional Information:

• The customer has successfully used Kerberos authentication with the appropriate enctype (aes256-cts-hmac-sha1-96), but now seeks a solution for certificate-based authentication.

• The customer is willing to provide configuration files if needed for further analysis.

Request: Please investigate and develop an enhancement to support certificate-based authentication with WSMan in OpenNMS, addressing the need for HTTPS/SSL and avoiding insecure protocols.