| Author |
APACHE2 & ADMSRV problem
|
|
| John Sposato 2005-10-24, 9:15 am |
| Neither the ap2webup or apache2 commands result in a loaded Apache.
Neither one gives an error. One just flashes by and the other has only
"<Press any key to continue>" on it. When I press the any key ;)
the screen goes away.
I have run PKIDIAG and tckeygen with no luck.
This is a new 6.5Sp3 install, and I did get an NMAS error during
installation. I have since gone back and re-installed NMAS (without
un-installing) and received no errors.
I have verified httpd.conf (SYS:apache2\conf) against a working server
and it is ok.
The startup.err file is 0 bytes. It contains no data.
error_log contain this line several times (from several failed startup
attempts):
[Wed Oct 19 12:14:44 2005] [crit] (10043)Unknown error:
make_secure_socket: failed to get a socket for address 159.178.45.16
port 2200
Configuration Failed
I have verified that the IP is bound to the board and I can ping the IP.
Not sure where to go from here, any suggestions?
TIA,
John
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| Looks like it is a cert/encryption issue.
Try the following:
in the httpd.conf file comment out all the includes (normally near the
end, then comment out the listens pointing to an encrypted port (443,
2200, etc)
Try loading apache again and post any error on the logger, startup.err,
etc
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| John Sposato 2005-10-24, 9:15 am |
| Timothy Leerhoff wrote:
> Looks like it is a cert/encryption issue.
>
> Try the following:
> in the httpd.conf file comment out all the includes (normally near the
> end, then comment out the listens pointing to an encrypted port (443,
> 2200, etc)
>
> Try loading apache again and post any error on the logger, startup.err,
> etc
>
From error_log:
[Fri Oct 21 13:05:13 2005] [crit] (10043)Unknown error:
make_secure_socket: failed to get a socket for address 159.178.45.16
port 2200
Configuration Failed
Nothing in startup.err, it's still 0 bytes.
I attached a screen print of the logger screen.
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| You still need to comment out the iManager line(s)
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| John Sposato 2005-10-24, 9:15 am |
| Timothy Leerhoff wrote:
> You still need to comment out the iManager line(s)
>
Ok, I had one line trying to listen on 443, commented that out and
Apache will start, but not admsrv (probably because 443 is commented out).
startup.err is still empty and I get the same error in error_log.
TID 10096205 seems to be my problem, but when I try to install the
Apache patch, it tells me I'm not on NW65SP2 or higher. I've verified
with version that it is NW65SP3OES.
I attached the logger screen from this run.
| |
| John Sposato 2005-10-24, 9:15 am |
| Timothy Leerhoff wrote:
> You still need to comment out the iManager line(s)
>
I also notice that I do not have IP AG or DNS AG entries for this
server. I am running PKIDIAG 4,5,0 now.
| |
| John Sposato 2005-10-24, 9:15 am |
| John Sposato wrote:
> Timothy Leerhoff wrote:
>
> I also notice that I do not have IP AG or DNS AG entries for this
> server. I am running PKIDIAG 4,5,0 now.
Ok, so now I can un-comment out those lines except :
#SecureListen 443 "SSL CertificateDNS"
and Apache 2 will start with "Listening on port 80,loading dynamic
module util_ldap.c, mod_auth_ldap.c and mod_jk.c. Still no adminsrv
however.
If I uncomment the above line, then neither instance will start.
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| Try creating a new certificate via ConsoleOne just for Apache (SSL
CertificateApache) and add it to the httpd.conf for the 443 load line.
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| Let's not worry about admsrv yet as let's get the first apache load
working first.
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| > I also notice that I do not have IP AG or DNS AG entries for this
> server. I am running PKIDIAG 4,5,0 now.
How did the PKIDIAG run work?
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| John Sposato 2005-10-24, 9:15 am |
| Timothy Leerhoff wrote:
>
>
> How did the PKIDIAG run work?
>
Seems to have gotten APACHE2 going.
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| > Seems to have gotten APACHE2 going.
Sounds good.
Creating a separate cert for Apache is not that bad a thing to do. It
verifys full communication with the certificate server.
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| John Sposato 2005-10-24, 9:15 am |
| Timothy Leerhoff wrote:
>
>
> Sounds good.
>
> Creating a separate cert for Apache is not that bad a thing to do. It
> verifys full communication with the certificate server.
>
I don't have a problem with that. So if I uncomment the SSL stuff and
the other includes, should ADMINSRV work?
| |
| Timothy Leerhoff 2005-10-24, 9:15 am |
| > I don't have a problem with that. So if I uncomment the SSL stuff and
> the other includes, should ADMINSRV work?
These are exclusive of each other.
At this point I suggest you start putting the includes back in place of
the httpd.conf and try it again.
If you look at the admsrvup.ncf file you will see which conf file is
used. Then procede as you did above. If you try admsrvup now dies it
work?
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
| |
| John Sposato 2005-10-24, 3:19 pm |
| Timothy Leerhoff wrote:
>
>
> These are exclusive of each other.
>
> At this point I suggest you start putting the includes back in place of
> the httpd.conf and try it again.
>
> If you look at the admsrvup.ncf file you will see which conf file is
> used. Then procede as you did above. If you try admsrvup now dies it
> work?
>
admsrvup does not work, it simply flashes by with no second instance of
Apache.
I will start working through the includes one by one and see what happens.
Thanks for all of your help!
| |
| Timothy Leerhoff 2005-10-24, 5:45 pm |
| FYI by default the admsrv does not have a separate screen. If you look
at the admsrvup.ncf file you can comment out the hidescreen line.
also watch the startup.err file for each load. the errors there should
help point you to the issue.
--
Timothy Leerhoff
Novell Support Forum Sysop
"I have the body of a god, unfortunately it's Buddah"
- T-shirt quote
|
|
|
|