IBM Support

How To Disable TLS for the ADMIN4 Application Server

Troubleshooting


Problem

This document discusses how to manually disable TLS configuration and enable HTTP-only communications for the ADMIN4 Application Server. Follow this process if an administrator used the Enable TLS wizard to secure the ADMIN4 application server, resulting in authentication failures for the ADMIN and ADMINx servers.

Symptom

Accessing ports 2001 through 2020 result in authentication failures and Internal Server Error.

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error is available in the server error log.

Cause

An administrator ran the Enable TLS wizard in HTTP Web Administration to secure the ADMIN4 server. Do not Enable TLS for the ADMIN4 server.

Environment

IBM i OS

Diagnosing The Problem

Authenticating ADMIN functions fails with Internal Server Error.

Resolving The Problem

IBM recommends manually disabling the TLS configuration for the ADMIN4 application server, then ending and starting the ADMIN server. Follow these instructions to make the changes.
 
1) Make a backup of the file /QIBM/UserData/OS/AdminInst/admin4/wlp/usr/servers/admin4/resources/security/admin-cust.xml in the IFS in a safe location.
2)
Manually edit the ADMIN4 configuration file, so the file contains:
************Beginning of data**************
<server>
<httpEndpoint id="defaultHttpEndpoint" host="*" httpPort="2008"/>
</server>
************End of Data********************
There are no blank lines in this file.
 
3)
Restart the ADMIN Server.

ENDTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)

WRKACTJOB SBS(QHTTPSVR)
Wait for all of the ADMIN jobs to end.

STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)

Wait for all of the ADMIN server jobs to start and CPU utilization goes down to 0%. Use the following command to view the job status:

WRKACTJOB SBS(QHTTPSVR)
 

Operating System

System i:All operating systems listed

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CISAA2","label":"Digital Certificate Manager"},{"code":"a8m0z0000000CIcAAM","label":"IBM i Administration Server"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions"}]

Document Information

Modified date:
02 March 2023

UID

ibm16959637

Page Feedback