ap2webup terminates - failed to get a socket for port 443

Hi there

I'm having a problem connecting to the web interface of 1 of my
servers.

The server had it's IP address changed along with all the other servers
in the tree and i'm unable to connect to the server by typing its
name/IP into internet explorer and I can no longer use IManager - All
other processes seem normal.

Initally I noticed that the SSL Certficates were missing from C1 so I
tried to recreate these using PKIDIAG. I soon realised that the CA was
missing (presume due to ip changes) but I wasn't sure what the CA was so
I created a new one and made ZIGG2 the host server. After doing this I
was able to recreate the certifcates using PKIDIAG.

I've run PKIDIAG on all servers in the tree and no errors are
reported.

I then ran TCKEYGEN on ZIGG2 and rerun TOMCAT before trying to load
AP2WEBUP

Every time I run AP2WEBUP I received the message - "<NLM has
terminated; press any key to close screen.>"

After reviewing \\zigg2\sys\apache2\logs.. I get the error - "[Thu Mar
29 13:52:21 2012] [crit] (10043)Unknown error: make_secure_socket:
failed to get a socket for port 443
Configuration Failed"

I also get the error - "[Thu Mar 29 12:15:20 2012] [crit]
(10043)Unknown error: make_secure_socket: failed to get a socket for
address 20.1.2.2 port 2200
Configuration Failed"  within \\zigg2\sys\apache2\logs\error.log

I've checked TCPCON and ports 80 443 2200 2201 are all free.

I have also checked and by remming SecureListen 443 "SSL
CertificateDNS" within \\zigg2\sys\apache2\conf\httpd.conf I am able to
view the servers homepage but unable to connect to Imanager.

If I add listen 443 to the above config then I can view the site using
port 443 but not SSL so that proves the port is free.

I've gone through \\zigg2\sys\apache2\conf\httpd.conf and i've noticed
that the old IP address is mentioned several times so I've updated this
but this has made no difference.
I've also gone through \\zigg2\sys\adminsrv\conf\adminserv.conf and
done the same thing but to no avail.

SDIDIAG also comes back OK

I'm 100% sure the problem is certificate related but I'm not sure what
the fix is.

i've followed 'Cool Solutions: Troubleshooting Certificate Server
Problems' (http://www.novell.com/coolsolutions/tip/5910.html) and can
confirm that I cannot connect to http://zigg2:8008

Any advice on what I can do to resolve this would be much appreciated

P.S all other servers in the TREE are OK and they have all had IP
address changed as well.

Thanks

Robbie


-- 
robbiecookie101
------------------------------------------------------------------------



0
robbiecookie101
3/29/2012 1:36:02 PM
novell.netware.6x.admin-tools 11680 articles. 0 followers. Follow

7 Replies
401 Views

Similar Articles

[PageSpeed] 36

Robbiecookie101,
> After reviewing \\zigg2\sys\apache2\logs.. I get the error - "[Thu Mar
> 29 13:52:21 2012] [crit] (10043)Unknown error: make_secure_socket:
> failed to get a socket for port 443
> Configuration Failed"

Something has grabbed port 443, one likely culprit is httpstk. Try 
unloading it and retry.

-- 
Anders Gustafsson  (NKP)
  The Aaland Islands (N60 E20)

Have an idea for a product enhancement? Please visit:
http://www.novell.com/rms

0
Anders
3/29/2012 3:03:07 PM
Hi Anders

I've tried that (I had to unload ipmcfg, nfap4nrm & nirman first) and
then unloaded httpstk (both portal and httpstk unloaded) and reran
ap2webup. Again the NLM terminated with the same error ([Fri Mar 30
09:17:59 2012] [crit] (10043)Unknown error: make_secure_socket: failed
to get a socket for port 443
Configuration Failed)

On the server console I noticed after running ap2webup with HTTPSTK
unloaded I have the following messages
'SERVER-5.70-151: Unable to find load file HTTPCLOSEPORT'
??? Unknown command ???
Loading Module APACHE2.NLM
Auto-Loading Module APRLIB.NLM

Do you know why I'm getting the HTTPCLOSEPORT and unknown command
errors?

I also notice

'HTTPSTK: Error 10038 enabling SSL services - SSL Disabled in the
logger screen' - any ideas what's causing this?


-- 
robbiecookie101
------------------------------------------------------------------------
robbiecookie101's Profile: http://forums.novell.com/member.php?userid=94678
View this thread: http://forums.novell.com/showthread.php?t=454064

0
robbiecookie101
3/30/2012 8:46:02 AM
Robbiecookie101,
> 'SERVER-5.70-151: Unable to find load file HTTPCLOSEPORT'
> ??? Unknown command ???
> Loading Module APACHE2.NLM
> Auto-Loading Module APRLIB.NLM

There is something wrong in your autoexec. Please post the relevant 
parts.

Also try renaming SSL CertificateDNS and SSL CertificateIP and rerunn 
PKIDIAG in fixing mode to recreate them.

-- 
Anders Gustafsson  (NKP)
  The Aaland Islands (N60 E20)

Have an idea for a product enhancement? Please visit:
http://www.novell.com/rms

0
Anders
3/30/2012 12:57:08 PM
Hi Anders

Here is my autoexec.ncf

SET Daylight Savings Time Offset = 1:00:00
SET Start Of Daylight Savings Time  = (MARCH SUNDAY LAST  2:00:00 AM)
SET End Of Daylight Savings Time = (OCTOBER SUNDAY LAST  2:00:00 AM)
SET Time Zone = GMT0BST
SET BINDERY
CONTEXT=O=NDF_SA;OU=SYSTEMS.OU=INTERNAL.O=NDF_SA;OU=TESTING.OU=INTERNAL.O=NDF_SA

# Note: The Time zone information mentioned above
# should always precede the SERVER name.
SEARCH ADD SYS:\JAVA\BIN
SEARCH ADD SYS:\JAVA\NWGFX\BIN
SEARCH ADD SYS:\JAVA\NJCLV2\BIN
SEARCH ADD SYS:\NI\UPDATE\BIN
# WARNING!!
FILE SERVER NAME ZIGG2
# WARNING!!
# If you change the name of this server, you must update
# the server name in all the licenses that are assigned
# to it using iManager.
######## Start Drivers/Protocols ########
SERVERID 70387B2
load conlog MAXIMUM=100
; Network driver LOADs and BINDs are initiated via
; INITSYS.NCF. The actual LOAD and BIND commands
; are contained in INITSYS.NCF and NETINFO.CFG.
; These files are in SYS:ETC.
sys:etc\initsys.ncf
#LOAD IPXRTR
#LOAD E1000E.LAN SLOT=2 FRAME=ETHERNET_802.2  NAME=E1000E_1_E82
#BIND IPX E1000E_1_E82 NET=71466C67
#LOAD IPXRTRNM
#LOAD TCPIP
#LOAD E1000E.LAN SLOT=2 FRAME=ETHERNET_II  NAME=E1000E_1_EII
#BIND IP E1000E_1_EII addr=20.1.2.15 mask=255.255.0.0
######## End Drivers/Protocols ########
MOUNT ALL
IPMINIT.NCF

SYS:\SYSTEM\NMA\NMA5.NCF
BSTART.NCF
#LOAD PORTAL.NLM
LOAD NDSIMON.NLM
LOAD NICISDI.XLM
LOAD SASDFM.XLM
# -- Added by AFP Install --
AFPSTRT.NCF
# -- End of AFP Install --
# -- Added by CIFS Install --
CIFSSTRT.NCF
# -- End of CIFS Install --
SYS:/BIN/UNIXENV.NCF
LOAD PKI.NLM
LOAD NLDAP.NLM
# Loading Posix Semantic Agent
PSA
# -- Added by Scripting Install --
SCRIPT.NCF
SEARCH ADD SYS:\APACHE2
AP2WEBUP
#Apache2 is now the admin server
ADMSRVUP
# tc4admin begin
SEARCH ADD SYS:/tomcat/4/bin
tcadmup.ncf
# tc4admin end
# tomcat4 begin
sys:/tomcat/4/bin/tomcat4.ncf
# tomcat4 end
# tomcat5 begin
SEARCH ADD SYS:/tomcat/5.0/bin
sys:/tomcat/5.0/bin/tomcat5.ncf
# tomcat5 end
# Storage Management Services components required for Backup
SMSSTART.NCF
#---Added By Native File Access For Unix---
nfsstart
#---Added By Native File Access For Unix END---
LOAD EMBOX.NLM
openwbem.ncf
#RCONAG6.NLM is required by RConsoleJ
#LOAD SPXS
#LOAD RCONAG6 <Your Password Here> 2034 16800 2036
?STARTX


I can also confirm that I've tried renaming the SSL certificates and
PKIDIAG created new ones successfully but I still cannot load AP2WEBUP

Thanks for your help

Robbie


-- 
robbiecookie101
------------------------------------------------------------------------
robbiecookie101's Profile: http://forums.novell.com/member.php?userid=94678
View this thread: http://forums.novell.com/showthread.php?t=454064

0
robbiecookie101
3/30/2012 3:06:02 PM
OK. Am I blind, since I cannot find any references to httpcloseport? ;) 
Nor httpstk?

I have a vague memory that I have  run into something similar before, 
but it was a long time since. IIRC had it something to do with 
mismatched NICI modules. But

Try:
SecureListen 192.168.0.1:443 "SSL CertificateIP"

Where you substitute your servers address. Does it change things?

-- 
Anders Gustafsson  (NKP)
  The Aaland Islands (N60 E20)

Have an idea for a product enhancement? Please visit:
http://www.novell.com/rms

0
Anders
3/30/2012 5:08:34 PM
Hi Anders

It's working!

I found another thread that mentions adding

'load nile.nlm'
'load httpstk.nlm /SSL /KEYFILE:"SSL CertficateIP"
'load portal'

into the autoexec underneath where it loads IPMINIT.NCF

There must be a problem with loading some of these nlm's in the wrong
order.

Thanks very much for your help and for anybody else who has a similar
problem here is my complete autoexec after everything works

thanks

Robbie





SET Daylight Savings Time Offset = 1:00:00
SET Start Of Daylight Savings Time  = (MARCH SUNDAY LAST  2:00:00 AM)
SET End Of Daylight Savings Time = (OCTOBER SUNDAY LAST  2:00:00 AM)
SET Time Zone = GMT0BST
SET BINDERY
CONTEXT=O=NDF_SA;OU=SYSTEMS.OU=INTERNAL.O=NDF_SA;OU=TESTING.OU=INTERNAL.O=NDF_SA

# Note: The Time zone information mentioned above
# should always precede the SERVER name.
SEARCH ADD SYS:\JAVA\BIN
SEARCH ADD SYS:\JAVA\NWGFX\BIN
SEARCH ADD SYS:\JAVA\NJCLV2\BIN
SEARCH ADD SYS:\NI\UPDATE\BIN
# WARNING!!
FILE SERVER NAME ZIGG2
# WARNING!!
# If you change the name of this server, you must update
# the server name in all the licenses that are assigned
# to it using iManager.
######## Start Drivers/Protocols ########
SERVERID 70387B2
load conlog MAXIMUM=100
; Network driver LOADs and BINDs are initiated via
; INITSYS.NCF. The actual LOAD and BIND commands
; are contained in INITSYS.NCF and NETINFO.CFG.
; These files are in SYS:ETC.
sys:etc\initsys.ncf
#LOAD IPXRTR
#LOAD E1000E.LAN SLOT=2 FRAME=ETHERNET_802.2  NAME=E1000E_1_E82
#BIND IPX E1000E_1_E82 NET=71466C67
#LOAD IPXRTRNM
#LOAD TCPIP
#LOAD E1000E.LAN SLOT=2 FRAME=ETHERNET_II  NAME=E1000E_1_EII
#BIND IP E1000E_1_EII addr=20.1.2.15 mask=255.255.0.0
######## End Drivers/Protocols ########
MOUNT ALL
IPMINIT.NCF
load nile.nlm
load httpstk.nlm /ssl /keyfile:"SSL CertificateIP"
load portal

SYS:\SYSTEM\NMA\NMA5.NCF
BSTART.NCF
#LOAD PORTAL.NLM
LOAD NDSIMON.NLM
LOAD NICISDI.XLM
LOAD SASDFM.XLM
# -- Added by AFP Install --
AFPSTRT.NCF
# -- End of AFP Install --
# -- Added by CIFS Install --
CIFSSTRT.NCF
# -- End of CIFS Install --
SYS:/BIN/UNIXENV.NCF
LOAD PKI.NLM
LOAD NLDAP.NLM
# Loading Posix Semantic Agent
PSA
# -- Added by Scripting Install --
SCRIPT.NCF
SEARCH ADD SYS:\APACHE2
AP2WEBUP
#Apache2 is now the admin server
ADMSRVUP
# tc4admin begin
SEARCH ADD SYS:/tomcat/4/bin
tcadmup.ncf
# tc4admin end
# tomcat4 begin
sys:/tomcat/4/bin/tomcat4.ncf
# tomcat4 end
# tomcat5 begin
SEARCH ADD SYS:/tomcat/5.0/bin
sys:/tomcat/5.0/bin/tomcat5.ncf
# tomcat5 end
# Storage Management Services components required for Backup
SMSSTART.NCF
#---Added By Native File Access For Unix---
nfsstart
#---Added By Native File Access For Unix END---
LOAD EMBOX.NLM
openwbem.ncf
#RCONAG6.NLM is required by RConsoleJ
#LOAD SPXS
#LOAD RCONAG6 <Your Password Here> 2034 16800 2036
?STARTX


-- 
robbiecookie101
------------------------------------------------------------------------
robbiecookie101's Profile: http://forums.novell.com/member.php?userid=94678
View this thread: http://forums.novell.com/showthread.php?t=454064

0
robbiecookie101
4/2/2012 10:06:02 AM
Robbiecookie101,
> There must be a problem with loading some of these nlm's in the wrong
> order.

Working from memory, I guess the likely culprit is NILE.NLM. It must be 
loaded for SSL to work.

The problem here is that Apache will spit out the same error for a 
number of conditions, ie:

- Address already taken
- Certs expired
- Missing SSL NLMs
- NILE not loaded

-- 
Anders Gustafsson  (NKP)
  The Aaland Islands (N60 E20)

Have an idea for a product enhancement? Please visit:
http://www.novell.com/rms

0
Anders
4/2/2012 10:20:06 AM
Reply:

Similar Artilces:

Netware 6x Benchmarking Tools
Hello, I am currently evaluating a couple of servers, running Netware 6.5. Does anyone know of a good bencmarking tool I could use to test these servers (preferably free!) Many thanks Andy Stokoe Manchester Metropolitan University UK Netbench? http://www.etestinglabs.com/benchmarks/netbench/default.asp -- Marcel Cox http://support.novell.com/forums/ ...

Netware Admin Tools Not Accessible/Installed
I installed OES Linux with Netware and then used the migration tool to migrate a Netware 4.11 server to the new server. Everything has migrated fine (all the users are there, the NDS tree is intact) but the administration tools on the OES server are not functioning. For example, 1) "http://localhost" does not pull up a page, 2) ConsoleOne runs but the option under tools to pull up the "remote console" for this Netware server is not evern there. The bottom line is at this point after reading through the documentation I can find no way to gain access to the Netware ...

Tools, Tools, Tools
</quot> Couple useful things for IT admins out there. I've packaged up Werner and Feder's PoC scanner via py2exe here. You can now simply run: </end_quot> http://www.doxpara.com/ -- "Never drive faster than your ANGEL can fly" ...

version 11.0.3.3 where to get admin tools
using isql select @version return ------------------------------------ SQL Server/11.0.3.3/P/PC Intel/Windows NT 3.5/SWR 8163 Rollup/OPT/Wed Nov 18 1998 12:58:26.22 ------------------------------------------------------- Server has no grafic admin tool, 2 applications in production and all maintance done from application . Where to get admin tools for this version ? How administrate server from remote computer? Thank you Alex ...

Can't get WebAccess on win2003 IIS to use port 443
We installed the WebAcess 6.5 application on a Windows 2003 server running IIS6. Installation went fine following all the TID's. We can login under port 80, however we would like to use port 443 instead. We are not able to get the server to accept or display the default.html page on port 443. Anyone have any suggestions. Thanks Ron Hansen wrote: > Anyone have any suggestions. Well, SSL in this scenario is completely a function of IIS, not WebAccess. WebAccess doesn't know or care that the web server serving-up its pages are enctyped or not. That sai...

Port 443 and Port 80 Apache
Hi, My site runs on port 443 but I still want people to be able to access it if they type http:// instead of http*s*:// To that end I have been trying to redirect all http requests to http*s* using this rewrite rule Code: -------------------- RewriteEngine On RewriteCond %{SERVER_PORT} ^443$ RewriteRule ^.*$ https://%{SERVER_NAME}[L,R] -------------------- However, it doesn't actually change the url to http*s*://. It loads the page using the DocumentRoot of the https connection but it doesn't change the URL. Any ideas? /Jlar -- eeijlar ...

GW Webaccess on Port 80 and port 443
--____LPHMXLZMXOMRLFKSEJCW____ Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Is it possible to have GroupWise Webaccess setup to listen on both port 80 = and port 443 on the same server at the same time? If so, is there = anything special that needs to be done for this to happen? Thanks Andrew --____LPHMXLZMXOMRLFKSEJCW____ Content-Type: multipart/related; boundary="____WHPEPQYSAQXEHDGESJXG____" --____WHPEPQYSAQXEHDGESJXG____ Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: quoted-printable ...

Does Provisioning admin user get admin rights
Hi, I have assigned user as provisioning admin in User app and using that user i am invoking the workflow from soap UI and creating a user in the eDir,when i check the user creatorName attribute in eDir, it shows as cn=admin,o=services. Does provisioning admin user had admin rights, i want that the users creatorName attribute to be the provisioning admin user with which i am invoking the work flow. how can i do this? Thanks. -- syadav_31 ------------------------------------------------------------------------ On 09/27/2010 02:06 PM, syadav 31 wrote: > > Hi,...

Netware Admin and SLES 9 admin rights
Hi, How can I check or assign admin rights to Netware admin account on SLES 9 OS. I am running OES Linux and when creating NSS volumes through iManager (logged in as the Netware administrator) I receive the error message 'CIO error, permission denied". Thank you. Zavi, > Hi, > > How can I check or assign admin rights to Netware admin account on SLES 9 > OS. Just as you normally do within NetWare using C1 or iManager, check that your admin is a trustee of root with all rights assigned. > I am running OES Linux and when creating NSS volumes thro...

Web Apps
I am having problems with a new install of OES for Netware. I had a crashed server (6.0 sp5), I deleted the files out of DS per a "crashed" server TID. When I fixed the server (New Hard drives); I installed netware OES from scratch. When I point my browswer to http://Ip of server/ I get a page cannot be found. I can access https://IP:2200; it brings up a login screen then once I login, I get the new Welcome page with all the correct info on it. Most of the links will not open. I can also get to http://IP:8008/ which brings up the remote manager login. I've loo...

POST GET GET GET GET... WTH?
Hi, I'm at a loss to explain this... I have an ASPX page that I can't always navigate to. When I developed the app (it's Starter Kit Portal-based), I did it on my LAN and have had no trouble accessing the page. However, upon deployment, I see the following behavior: 1. POST request goes out looking for MyForm.aspx 2. GET request for MyForm.aspx 3. GET request for MyForm.aspx 4. ... X. GET request Sometimes, the page finally loads. Other times, it just ends up blank. Many times, it doesn't load at ALL the first POST - I just get a "The pa...

Netware Admin
Im running xp and i have the netware client software installed for my college class. I copied the win32 file from my class server to use netware admin32 and when i double click on it the logo for the admin pops up and just hangs there. The mouse shows like its still loading and the processes show the cpu working at a max rate. Any help would be great so that i can do my assignments from home instead of the lab. Thanks! Do you have a NetWare server to connect to? -- Barry Schnur Novell Support Connection Volunteer Sysop ...

where is the admin tool?
Where is the admin tool for the IBuySpy application? I can't find it Thanks :) If you mean the IBS Store/Commerce application, try this URL :) : Store AdminRegardsAndre Colbiornsen ---------------------------------Seventh DayRåbygatan 1A,SE-223 61 LundSwedenMob.: +46-(0)708-97 78 79Mail: info@seventhday.se-------------------------------- If you are trying to access the admin tab for the IBS Portal application, read the first pinned post in this forum entitled Read this after first installing the portal. Jared LivingstonMrLivingston.com - Livingston Family WebsiteTest/Demo site - m...

443 port?
When I login to userapp, I use the 8080 port. Is posible use the 443 port? -- > It is appallingly obvious that our technology exceeds our > humanity.Albert Einstein:cool: ------------------------------------------------------------------------ On 05/13/2010 12:06 PM, antonio gracia wrote: > > When I login to userapp, I use the 8080 port. > Is posible use the 443 port? > > Yes, there was a thread earlier on configuring the User Application for SSL, see "UserApp enabling SSL" that is the steps you will need to follow. In additio...

Admin tool.
Has anybody developed/seen an ASPNET (IBuySpy) web form that retrieves the existing records from the Products table and allows modifying the values inside those records? Joey...

Web resources about - ap2webup terminates - failed to get a socket for port 443 - novell.netware.6x.admin-tools

Terminate and stay resident program - Wikipedia, the free encyclopedia
... DOS operating systems' limitation of executing only one program, or task , at a time. TSR is unique to DOS and not used in Windows. Some terminate ...

Facebook Terminates Its Conversion Tracking Tool for Performance Ads
Facebook has concluded the private beta of its conversion tracking tool for performance ads. A small set of advertisers had a chance to try the ...

CEC14 / Assess, Test or Terminate: What Future for Climate Engineering Research? - YouTube
Climate Engineering Conference 2014 Panel discussion looking forward to the next decade of climate engineering research. Featuring Andy Parker ...

Ice-cold Klitschko wants to 'dominate, terminate' Leapai
Ultra-confident world champion Wladimir Klitschko has vowed to 'dominate and terminate' Alex Leapai in Oberhausen on Saturday as the Australian ...

Calvary Hospital patients set to pay more after Medibank terminates contract
Thousands of ACT patients face the prospect of having to pay more for hospital care after Australia&rsquo;s largest health insurer ended its ...

FFA terminates Newcastle Jets' licence after Nathan Tinkler places club into voluntary administration ...
A senior delegation from Football Federation Australia will begin the process of rebuilding Newcastle Jets after the game's governing body ended ...

Calvary Hospital patients set to pay more after Medibank terminates contract
Thousands of ACT patients face the prospect of having to pay more for hospital care after Australia&rsquo;s largest health insurer ended its ...


Knights terminate Zane Tetevano
Zane Tetevano has had his contract terminated by the Newcastle Knights due to disciplinary reasons, effective immediately.

FFA terminates Newcastle Jets’ licence
The Jets are gone, but FFA reiterates commitment to football in Newcastle.

Resources last updated: 12/15/2015 11:50:16 AM