|
|
If the HP WebWise MPE/iX Secure Web Server job JHTTPDS aborts,
first check the $STDLIST spoolfile for any error messages, followed
by the error_log, followed by the ssl_engine_log.
If the HP WebWise MPE/iX Secure Web Server job appears to be running normally,
but browser users are receiving error messages instead of data, check the
access_log to see if the server is receiving their request. The
access_log will show the IP address (or hostname) of the browser, the
requested URL, and resulting HTTP return code, and the amount of bytes
transferred. A return code of 200 means success, 401 means that access was
denied to this URL, and 404 means that the URL was not found.
The error_log and ssl_engine_log may have additional
information regarding unsuccessful entries that appear in the
access_log. The verbosity of the error_log and
ssl_engine_log may be increased by editing the LogLevel and
SSLLogLevel configuration directives respectively.
If a browser user is having SSL-related problems, check the
ssl_request_log to see if the expected protocol and cipher is being
used.
If the browser gets no response from the server, check that the JHTTPDS job is
still running, and verify that the correct TCP/IP ports are being listened to
by examining conf/httpd.conf. Note that a URL of the form
http://your.host.name/foo.html assumes a default port of 80, and a URL
of the form https://your.host.name/foo.html assumes a default port of
443.
If Microsoft Internet Explorer returns an error saying "The page cannot be
displayed", or Netscape Communicator returns an error saying "A network error
occurred while Netscape was receiving data", verify that you're trying to
browse an https:// URL from a port listening for the SSL/TLS protocol,
and that your browser is speaking the same version of the SSL/TLS protocol that
is expected by the server.
If your browser always begins a certificate dialog when you browse to the
server, it could be due to any of the following reasons:
Your server certificate wasn't signed by one of the browser's
trusted CAs. Either obtain a new server certificate from one of those
trusted CAs, or add the current CA to your browser's list of
trusted CAs.
Your server certificate has expired. Obtain a new server
certificate.
Your server certificate hostname doesn't match the URL hostname.
Either obtain a new server certificate containing the proper
hostname, or use a URL with the proper hostname.
To verify the protocol and cipher your browser is using to talk to the server,
either check the logs/ssl_request_log file on the server, or ask your
browser for this information. If using Microsoft Internet Explorer, right-click
anywhere on the web page, then left-click on the Properties menu item. If using
Netscape Communicator, right-click anywhere on the web page, then
left click on the View Info menu item.
|