Error:"10022 Enabling SSL services for HTTPSTK.NLM -SSL Disabled."
(Last modified: 14Dec2004)
This document (10073617) is provided subject to the disclaimer at the end of this document.
fact
Novell NetWare 5.0
Novell NetWare 5.1
Novell NetWare 6.0
symptom
Error:"10022 Enabling SSL services for HTTPSTK.NLM -SSL Disabled."
Get error when loading HTTPSTK.NLM
fix
The fix for this issue requires updates to PKI, eDirectory and NILE.NLM, the following are the required versions:
note
TROUBLESHOOTING STEPS
1) Check the load order of the security files within your AUTOEXEC.NCF. The load order should look like this:
LOAD NICISDI.XLM s
LOAD SASDFM.XLM
LOAD SAS.NLM
LOAD PKI.NLM
LOAD NILE.NLM
LOAD HTTPSTK.NLM /SSL /keyfile:"SSL CertificateIP"
LOAD PORTAL.NLM
2) Make sure that all of the above NLMs are actually loaded.
3) If it has been necessary to change the load order of the security files to reflect the load order above, restart the server using the -kf8 switch, i.e.
server -kf8
This will enable you to step through the loading of each module on the server, similar to what you do when you using the "F8" option with DOS.
This step is necessary to confirm that you have no corruption and that all the security files load without any errors.
4) If the server comes up without any security file load errors then try using portal.nlm.
To do this enter first the ipaddress with port 8008, i.e.
http://192.168.100.10:8008
This is an unsecured connection to the server using portal, which will confirm that portal is actually functional.
5) Try accessing portal using a secured connection:
http://192.168.100.10:8009
This will then establish a secured SSL connection.
6) If this all works you know you are looking at a timing issue.
In certain cases it is necessary to move the loading of HTTPSTK.NLM and PORTAL.NLM right to the end of the AUTOEXEC.NCF. So your AUTOEXEC.NCF would look something like:
LOAD NICISDI.XLM s
LOAD SASDFM.XLM
LOAD SAS.NLM
LOAD PKI.NLM
LOAD NILE.NLM
.
.
(load all other stuff)
.
.
(end of AUTOEXEC.NCF)
LOAD HTTPSTK.NLM /SSL /keyfile:"SSL CertificateIP"
LOAD PORTAL.NLM
7) If this still fails you may need to load HTTPSTK.NLM with a delay.
So HTTPSTK.NLM would then be loaded in the following manner:
? LOAD HTTPSTK.NLM /SSL /keyfile:"SSL CertificateIP"
8)If you you are still receiving the error even with a 10second delay you may need to increase this delay. You can change the SET parameter Command Line Prompt Time out from the default of 10 seconds to 60 seconds or higher. Changing this parameter will increase the time the server waits when loading an something with a "?" in front of it.
Load Monitor - Server Parameters - Miscellaneous - Command Line Prompt Time out
9) If you are still receiving the error and the server in questions does NOT hold a copy of the partition that it is located in, add a Read/Write replica.
10) Other problem(s) exist and are being investigated by Novell at this time. The possibilities include: Winsock issues, NLM mismatches, NDS problems, NICI problems, or rights issues. This solution will be updated as the problems and fixes are identified.
For further information please also see:
10056039 - SSL initialization fails when loading HTTPSTK.NLM or the WEB Server
10056945 - Error 10022 Enabling SSL services for HTTPSTK.NLM -SSL Disabled
document
| Document Title: | Error:"10022 Enabling SSL services for HTTPSTK.NLM -SSL Disabled." |
| Document ID: | 10073617 |
| Solution ID: | NOVL81685 |
| Creation Date: | 16Aug2002 |
| Modified Date: | 14Dec2004 |
| Novell Product Class: | NetWare Novell eDirectory Web Services |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.