4 Replies Latest reply: Dec 16, 2011 5:12 AM by 805385 RSS

    starting an SSL instance automatically

    enkay
      Hello,

      how is it possible to automatically start the ssl instance, version 7.0.12 ?

      # svcadm enable https-webdesk
      # svcs -a|grep http
      maintenance 8:57:42 svc:/network/http:https-webdesk

      +# tail -f network-http:https-webdesk.log+
      +.+
      +.+
      +[ Nov 18 08:57:39 Enabled. ]+
      +[ Nov 18 08:57:40 Executing start method (""/opt/webserver7/https-webdesk/bin/startserv"") ]+
      Oracle iPlanet Web Server 7.0.12 B07/04/2011 12:06
      failure: end-of-file while reading password
      failure: end-of-file while reading password
      failure: end-of-file while reading password
      failure: CORE1227: NSS PKCS #11 initialization failed (SEC_ERROR_BAD_PASSWORD: Security password entered is incorrect.)
      failure: server initialization failed

      As in v6.1, I modied the start script the same way, but it doesn't work anymore.

      # cat /opt/webserver7/https-webdesk/bin/startserv
      .
      .
      case $COMMAND in
      --start|-start)
      +${SERVER_BIN} -d "${SERVER_CONFIG_DIR}" -r "${SERVER_INSTALL_ROOT}" -t "${SERVER_TEMP_DIR}" -u "${SERVER_USER}" -s ${SERVER_BIN} -d "${SERVER_CONFIG_DIR}" -r "${SERVER_INSTALL_ROOT}" -t "${SERVER_TEMP_DIR}" -u "${SERVER_USER}" -s "${SERVER_SVC_START_CMD}" $@ *< /opt/webserver7/https-webdesk/secret/pass*


      any ideas?

      The password is definitely correct.

      I want to start the ssl instance automatically during boot.

      -- Nick
        • 1. Re: starting an SSL instance automatically
          handat
          You can configure password.conf for that. The syntax and format for this hasn't changed since 6.0.
          • 2. Re: starting an SSL instance automatically
            enkay
            ok I read the docs, but it's still not clear to me.

            I edit server.xml

            .
            .
            <pkcs11>
            <enabled>true</enabled>
            <crl-files>???</crl-files>
            <token>
            <enabled>true</enabled>
            <name>???</name>
            </token>
            </pkcs11>


            ??? ... not sure

            /opt/webserver7/https-webdesk/config/secret/password.conf


            whatever I test, I get

            # /opt/webserver7/https-webdesk # bin/startserv -configtest
            Oracle iPlanet Web Server 7.0.12 B07/04/2011 12:06
            [23/Nov/2011:12:15:10] info ( 6824): CORE1116: Oracle iPlanet Web Server 7.0.12 B07/04/2011 12:06
            warning: wl-init reports: missing parameter 'Debug', will use default
            warning: wl-init reports: missing parameter 'WLLogFile', will use default
            warning: wl-init reports: missing parameter 'WLTempDir', will use default
            info: wl-init reports: Debug is disabled [(null)]
            info: wl-init reports: BEA plugin build date/time: Apr 18 2008 11:33:05. Change Number: 1110533
            failure: CORE1227: NSS PKCS #11 initialization failed (SEC_ERROR_BAD_PASSWORD: Security password entered is incorrect.)

            thank you.

            -- nick
            • 3. Re: starting an SSL instance automatically
              handat
              There is nothing you need to change in server.xml. You simply need to put the certificate password into the password.conf file as follows:

              internal:your_password
              • 4. Re: starting an SSL instance automatically
                805385
                If you are using NSS Db you can use token name "internal". We recommend se Admin GUI and CLI to manage the server rather than editing files manually.