Page cannot be displayed when using web browser to access secure ports 443 or 8009
(Last modified: 31Jan2003)
This document (10066890) is provided subject to the disclaimer at the end of this document.
fact
Novell iPrint
Novell NetWare 6.0
symptom
Page cannot be displayed when using web browser to access secure ports 443 or 8009
Winsock error 10061 when attempting to install an iPrint printer
Unable to access NetWare Remote manager over secure port 8009
fact
Can successfully access NetWare Remote manager over unsecure port 8008
TCPcon shows that server is not listening on ports 443 or 8009
cause
Problems with the certificate used to load HTTPSTK. Specifically, the IP address shown for certificate object was incorrect.
In another case Httpstk.nlm was loaded without a certificate.
fix
Make sure HTTPSTK.NLM is loaded with a certificate. By default, the load line for HTTPSTK will look like this: LOAD httpstk.nlm /SSL /keyfile:"SSL CertificateIP"
or this: LOAD httpstk.nlm /SSL /keyfile:"SSL CertificateDNS"
Make sure the certificate listed exists in the container where the server resides, and edit AUTOEXEC.NCF to load httpstk with the certificate as shown above.
Create a new NDSPKI: Key Material object to be used with HTTPSTK. Perform the following steps:
1. Right click on the container where the server resides, select New, Object, NDS:PKI Key Material,
2. Choose the file server (typically the file server running iPrint). Click on "standard", and take the defaults.
3. Edit Autoexec.ncf, find the line loading httpstk, and replace the name of the key material object with the name of the object you just created. The line will look like this:
LOAD httpstk.nlm /SSL /keyfile:"name of the kmo you just created"
OR Use console one to edit the properties of the existing kmo object. But to edit the object you need to unload the certificate server snapins. Perform the following steps:
1. Launch NWConfig at the server console, choose NCF File options, and Edit Autoexec.ncf. Make a note of the name of the certificate attached on the load line. Don't change it, just see what it says.
2. From a workstation, browse to the directory from which ConsoleOne is launched. Open the folder \ConsoleOne\1.2\resources\Security, and rename the files pkitoolkit.jar and pkires.jar. Make sure the extention is not .jar.
3. Open the folder \ConsoleOne\ConsoleOne\1.2\Snapins\Security, and rename the file pki.jar to a different extention.
4. Launch ConsoleOne, go into properties of the certificate (NDSPKI: Key Material object) that is loaded with HTTPSTK. This object should reside in the same container as the server.
5. In the "Other" tab under properties of this object, edit the problem attribute. For an incorrect ip address, edit the attribute "NDSPKI:Subject Name." The subject name should show as :
.O=<name of the Organization>.CN=<ipaddress or dns name of the server>
document
| Document Title: | Page cannot be displayed when using web browser to access secure ports 443 or 8009 |
| Document ID: | 10066890 |
| Solution ID: | NOVL66558 |
| Creation Date: | 17Dec2001 |
| Modified Date: | 31Jan2003 |
| Novell Product Class: | NetWare Novell eDirectory Web Services |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.