a Domino SSL problem

quote:

http://www-1.ibm.com/support/docview.wss?uid=swg21109822

Problem

After you configure SSL for HTTP on a Lotus? Domino? server, no one can connect using SSL. A Web browser displays the message “Page cannot be displayed.” On the Domino server console, you see mention of “Keyring File access error” and status [4169].

Example console entries:

04:44:16 PM HTTP Server: SSL Error: Keyring File access error
04:44:16 PM HTTP Server: SSL handshake failure, IP address [x.x.x.x], Keyring [keyfile.kyr] status [4169]
– or –
HTTP Server: SSL Error: Keyring File access error, key ring file [keyfile.kyr], IP address [x.x.x.x]
– or –
SSL Error: Keyring file format error, keyring file <filename>, <hostname>

Solution

This error occurs when the key file cannot be accessed for some reason. The key file may be inaccessible because of wrong permissions, corrupt or missing .STH file, or corrupt or missing .KYR file. Make sure none of these conditions exist for your Domino server.

Check that the keyfile.kyr and keyfile.sth are present in the domino\data directory. The .sth file is the stash file for the keyfile’s password. The server must have this file to be able to access the keyfile. If the sth file is present, it may be corrupted or the server may not have appropriate permissions to access the file from the operating system. Replace the file if needed, and verify the permissions.

Make sure the actual file name is listed in the Server document or Internet Site document “SSL key file name” field. You can enter the console command tell http show security to see what file is in use by the Domino server.

Verify that Domino has the correct permissions to access the files at an operating system level. For example, for operating systems that require an account, the file permissions should include the Domino account as owner of the key file, or to allow the user that Domino is running under at least read access to the file.

Related information

‘SSL Error: Keyring file not found’ when enabling SSL

发表评论

Fill in your details below or click an icon to log in:

WordPress.com 徽标

您正在使用您的 WordPress.com 账号评论。 注销 /  更改 )

Google photo

您正在使用您的 Google 账号评论。 注销 /  更改 )

Twitter picture

您正在使用您的 Twitter 账号评论。 注销 /  更改 )

Facebook photo

您正在使用您的 Facebook 账号评论。 注销 /  更改 )

Connecting to %s


%d 博主赞过: