Topic
  • 4 replies
  • Latest Post - ‏2012-03-28T17:56:53Z by Sunit
MastorofPuppetz
MastorofPuppetz
2 Posts

Pinned topic SSL setup issue

‏2012-03-24T16:39:29Z |
We created a self signed certificate for our web application in WAS 7, we are able to hit the app at first with the certificate warning when using IHS, but after we accept the cert in the browser, we get an Internal server error and the app will not load. We have 2 load balancers and 2 IHS boxes in this setup, all seems to be configured and working OK.

only error we are getting on the logs is:

failed to match localhost:80

Anyone have any idea what may be the issue here? I can hot the http server using SSL no problem but the app does not work.
Updated on 2012-03-28T17:56:53Z at 2012-03-28T17:56:53Z by Sunit
  • SystemAdmin
    SystemAdmin
    3908 Posts

    Re: SSL setup issue

    ‏2012-03-24T19:43:43Z  
    The http_plugin.log doesn't have more detail? You can increase the log level to TRACE.
  • Sunit
    Sunit
    199 Posts

    Re: SSL setup issue

    ‏2012-03-26T13:16:04Z  
    This will need some more details:

    If you are enabling security (SSL) in WAS then -
    1. You need a certificate in WAS so that if you were to access the application using the WAS internal port this certificate will be used. This is created by default.
    2. To access the application using IHS you have to have the correct plugin config made available to IHS. This is done using WAS console. Make sure that your application is bound to the web server instances along with the cluster.
    3. To access the application using IHS with HTTPS protocol (I am assuming that IHS has ben correctly configured for SSL) the certificate mentioned in 1 has to be a trusted certificate for plugin. This is done using WAS console. Push the certificate to the plugin.

    4. Make sure that you have correct host aliases in whatever virtual host you are using for your application. You need entries for web servers as well as app servers. e.g. * 9080, * 9044 for ports used by the application itself and * 80 and * 443 for ports used by IHS.

    • Sunit
  • MastorofPuppetz
    MastorofPuppetz
    2 Posts

    Re: SSL setup issue

    ‏2012-03-27T13:03:39Z  
    We can now get it to work with our own self signed cert, but when we use our cert signed by our domain controller, we get a:

    "SSL Handshake Failed, Certificate validation failed". Any ideas.
  • Sunit
    Sunit
    199 Posts

    Re: SSL setup issue

    ‏2012-03-28T17:56:53Z  
    We can now get it to work with our own self signed cert, but when we use our cert signed by our domain controller, we get a:

    "SSL Handshake Failed, Certificate validation failed". Any ideas.
    Because your domain controller is not a trusted root CA.

    • Sunit