SOAPam Server: Certificate installation page returns HTTP 403 Forbidden error

Summary

An issue exists in SOAPam^© Server  that causes the Control Panel certificate installation pages to return an HTTP 403 Forbidden error upon form submission. This is due to an issue with the XSRF protection feature introduced in version 3.1.8.

Advisory Release Date

Jan 31, 2021

Affected Versions

• 3.1.8

Fixed Versions

• 3.1.8.2

Status

A hotfix is available for this issue. Once the hotfix is installed, the issue will no longer occur.

Hotfix Installation

Install the hotfix by following these steps:

1. Download the hotfix PAK file using the link below and transfer the file to your NonStop system using binary transfer.               
   • For TNS/E: hf3182e.pak
   • For TNS/X: hf3182x.pak
2. Unpak the hotfix PAK file, which contains the following files:               
   • SOAPAM - The SOAPAM process program file.
   • SOAPAMP - The SOAPAMP process program file (privileged version)
3. Stop any existing SOAPAM / SOAPAMP processes.
4. Replace the existing program files with the hotfix program files.
5. Restart the SOAPAM / SOAPAMP processes.

The VPROC for this hotfix is:

• TNS/E - T0000H06_31JAN2021_NuWave_SOAPam_3_1_8_2_H_74df1692
• TNS/X - T0000L06_31JAN2021_NuWave_SOAPam_3_1_8_2_H_74df1692