Troubleshooting tomcat, Troubleshooting imanager, Troubleshooting tomcat troubleshooting imanager – Novell eBook Reader User Manual

48

Liberty Identity Provider for Novell eDirectory

Novell Confidential

07appc.fm last saved 4/14/03

Manual

Version: 3/17/03

103

[Wed Apr 02 14:26:58 2003] [notice] Parent: Created child process 3740

[Wed Apr 02 14:27:01 2003] [notice] Child 3740: Child process is running

[Wed Apr 02 14:27:01 2003] [notice] Child 3740: Acquired the start mutex.

[Wed Apr 02 14:27:01 2003] [notice] Child 3740: Starting 250 worker

threads.

You might get a warning like the one below because the IP address of the server being
accessed did not correspond to the servername entry in the httpd.conf. These types of
warnings are unlikely to cause major problems and can be ignored.

[Wed Apr 02 14:26:57 2003] [warn] RSA server certificate CommonName (CN)

`147.2.32.97' does NOT match server name!?

Secure Mode: From a browser, go to https://<x.x.x.x> where <x.x.x.x> is the IP address of your
Apache Web server.

If the browser displays a 'Page cannot be displayed' error, then the chances are that Apache's server
certificated have not initialized correctly, or have not been configured. Check the following:

1

Make sure that httpd.conf has the LoadModule ssl_module modules/mod_ssl.so statement in
its Dynamic Shared object section, and that the following include statement for ssl.conf exists:

<IfModule mod_ssl.c>

Include conf/ssl.conf

</IfModule>

2

Make sure that the ssl.conf SSLCertificateFile entries are uncommented and point to the
following:

Š

SSLCertificateFile conf/ssl/server.cert

Š

SSLCertificateKeyFile conf/ssl/server.key

3

Make sure that the CRT and KEY files referenced in the ssl.conf file exist under conf/ssl.

You must manually use OpenSSL to create the certificates. OpenSSL is shipped with the Apache
server and instructions to create a test certificate are available at the

Sunsite Web site (http://

sunsite.bilkent.edu.tr/pub/infosystems/modssl/ftp/contrib/apache-ssl-win32-howto-V1.2.html)

.

Troubleshooting Tomcat

If you get an internal server error when you try to access iManager or the IDP server, verify that
Tomcat has successfully intialized by checking the content of the stdout file in the
<Tomcat_home>\logs directory. Tomcat has successfully initialized if the "service started"
message is displayed in this file.

Troubleshooting iManager

To troubleshoot iManager, using a browser, go to https://<ip_addr_of_IDP_Server>/eMFrame/
iManager.html. If you cannot get to this location, go to <Tomcat_home>\logs and check the
iManager_log.<date>.txt. and iManager_eMFrame_log.<date>.txt files for errors.

If you make changes to your Liberty configuration in iManager, you must restart Tomcat in order
for the changes to take effect. Additionally, if you use iManager to defederate a user, you must
restart Tomcat.