| Author |
Apache doesn't load after NW6.5 SP3 is applied
|
|
| Jason Fischer 2005-05-09, 5:45 pm |
| Hello. Ran the SP3 update to NW 6.5 today and now apache won't run on
one of our servers. Runs fine two other recent updates. Here's the error:
[Mon May 09 15:07:10 2005] [crit] (10043)Unknown error:
make_secure_socket: failed to get a socket for port 443
Configuration Failed
Followed the instructions in this TID 10070141, except the part about
restart SAS, the console tells me "KernelOnly".
Any ideas?
Thanks!
Jason
| |
| Timothy Leerhoff 2005-05-10, 2:45 am |
| With Apache unloaded take a look in TCPCON and see if port 443 is open.
Also please post the last entries from the sys:\apache2\logs\startup.err
--
Timothy Leerhoff
Novell Support Forum Volunteer Sysop
"A bicycle cannot stand alone because it is two tired."
| |
| Jason Fischer 2005-05-10, 7:45 am |
| Timothy Leerhoff wrote:
> With Apache unloaded take a look in TCPCON and see if port 443 is open.
>
> Also please post the last entries from the sys:\apache2\logs\startup.err
>
443 is not open.
The startup.err file appears to be empty.
Jason
| |
| Timothy Leerhoff 2005-05-12, 2:45 am |
| Try just restarting the server.
If this doesn't work tell me which of the following ports are being
listened to as seen in TCPCON:
80
81
389
524
636
2200
2211
8008
8009
--
Timothy Leerhoff
Novell Support Forum Volunteer Sysop
"A bicycle cannot stand alone because it is two tired."
| |
| Jason Fischer 2005-05-12, 5:45 pm |
| Timothy Leerhoff wrote:
> Try just restarting the server.
>
> If this doesn't work tell me which of the following ports are being
> listened to as seen in TCPCON:
>
> 80
> 81
> 389
> 524
> 636
> 2200
> 2211
> 8008
> 8009
>
I restarted the server last night, didn't help.
Here are the ports being listened to:
81
389
524
636
8008
Thanks again for your help.
Jason
| |
| Timothy Leerhoff 2005-05-12, 5:45 pm |
| > 81
> 389
> 524
> 636
> 8008
Interesting combo. Looks like you have a cert that doesn't want to
work. 8009 comes from HTTPSTK (not apache) and the cert it references.
636 is encrypted LDAP.
Try the following:
Create a new cert for the server. Edit the httpd.conf using this cert
in the secure listen line.
Try to fire apache up.
--
Timothy Leerhoff
Novell Support Forum Volunteer Sysop
"A bicycle cannot stand alone because it is two tired."
| |
| Jason Fischer 2005-05-14, 1:02 pm |
| Timothy Leerhoff wrote:
>
>
> Interesting combo. Looks like you have a cert that doesn't want to
> work. 8009 comes from HTTPSTK (not apache) and the cert it references.
>
> 636 is encrypted LDAP.
>
> Try the following:
>
> Create a new cert for the server. Edit the httpd.conf using this cert
> in the secure listen line.
>
> Try to fire apache up.
>
Ok, I did that, but still nothing. Same error in the log. 
Jason
| |
| Jason Fischer 2005-05-17, 5:45 pm |
| Jason Fischer wrote:
> Timothy Leerhoff wrote:
>
>
> Ok, I did that, but still nothing. Same error in the log.
>
> Jason
Also, NetWare Remote Manager doesn't work either. It must be a
certificate issue, but I just can't see where.
Jason
| |
| Timothy Leerhoff 2005-05-26, 2:45 am |
| Did you try http://serverip:8008 for NoRM?
Sorry about the delay, between my daughters wedding and my 2 main PCs going down at the same time I have been a little stressed trying to get to everything.
--
Timothy Leerhoff
Principal Consultant
Independent Experts
Novell Support Forums Sysop
| |
| Jerry Champagne 2005-06-16, 5:45 pm |
| Check that the Public Key certificates are valid. If they've expired, run pkidiag. I had a similar problem. It turned out that the certificates had expired and when I rebooted the server after applying the patch, it wouldn't load the expired cert.
| |
| Timothy Leerhoff 2005-06-22, 5:45 pm |
| > Check that the Public Key certificates are valid. If they've
> expired, run pkidiag. I had a similar problem. It turned out that
> the certificates had expired and when I rebooted the server after
> applying the patch, it wouldn't load the expired cert.
THat may help, and couldn't hurt.
The interesting thing is that LDAP was still binding to a secure port.
Normally if the server certs are bad/expired this will not happen.
--
Timothy Leerhoff
Novell Support Forum Volunteer Sysop
The future comes slowly, the present flies and the past stands still
forever
| |
| Jason Fischer 2005-06-23, 5:49 pm |
| Timothy Leerhoff wrote:
> Did you try http://serverip:8008 for NoRM?
>
> Sorry about the delay, between my daughters wedding and my 2 main PCs going down at the same time I have been a little stressed trying to get to everything.
>
What actually happened was that when SP3 was applied, our NPKIAPI.nlm
was corrupted. Once I replaced that, nearly everything worked. The
only thing that isn't working is just typing in the server's IP and
getting the default OES page.
Jason
|
|
|
|