Novell is now a part of Micro Focus

iChain 2.0 Field Patch 2

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 17 Dec 2001

Version: iChain 2.0

This file contains updates for services contained in the iChain 2.0 product. The purpose of the patch is to provide a bundle of fixes for issues that have surfaced since iChain 2.0 shipped. It is not recommended to install individual files from the patch. This build is currently PARTNER release and subject to change. Novell Technical Support recommends checking the version number on the final (PUBLIC) build to verify that no files have changed.

Associated File

Click this filename to download: ic20fp2.exe; 4520857 bytes

Installation Instructions

IC20FP2.EXE will extract into three files:, iChain20_fp2.txt and iChain20fp2.txt. is the OTWUG (Over The Wire Upgrade).
iChain20_fp2.txt is the installation file for the OTWUG.
iChain20fp2.txt is the readme for the patch.


  1. Copy & iChain20_fp2.txt to a directory on a Web Server that can be accessed by the iChain appliance and a workstation that will run the iChain Appliance Configuration GUI.
  2. Modify the URL line in the iChain20_fp2.txt file so that it contains the appropriate path/URL to the file. For example, if the zip file was placed at the default/root directory of a Web Server with the IP address then change url=http://*** location ***/ to url=
  3. In the Appliance Configuration GUI under System | Upgrade | Install from URL, put in the matching URL to the .txt file. Using the example above: NOTE: Point to the .txt installation file, not the .zip file.
  4. Check the "Enable download" and "Enable install" boxes.
  5. Specify times to begin the download and install.
  6. Click on "Apply"

Fixes in this patch

  1. Unable to tunnel ICA client
  2. The \ETC\TCPIP.CFG file may have duplicate IP addresses.
  3. DGI: ACLCheck error 85 when using large group
  4. http://username:password@destination gets transposed by rewriter
  5. Added ability to turn on advanced Mutual Authentication troubleshooting error messages. Requires the following entry in the PROXY.CFG file:
    [Mutual Authentication]
    SendErrorPageWhenMutualFails=1 (Default=0)
    Note: After modifing the PROXY.CFG file restart the server to read the new configuration.

Fixes in IC20FP1.EXE (included in this patch)

  1. With 10 clients running, adding an IP and "APPLY" caused an abend
  2. User cannot authenticate with certificate if his cert is the end node in a three-tier chain
  3. NILE is not sending all the certificates in the certifiate chain.
  4. NILE allows users to authenticate that failed the certificate validation.
  5. Cert. authentication error handling.
  6. SessionBroker failover too slow.
  7. Abend in the custom rewriter.
  8. In some cases Ldap failover for OLAC does not work.
  9. Need to remove use of JSSE.JAR for France version of Proxy Server.
  10. IChain doesn't reboot after OTWUG.
  11. Abend in server.c with 'connect' call on port 80.
  12. Problem using multiple authentication schemes, LDAP: CN and EMAIL auth in same session.
  13. CPU hog when using new rewriter option.
  14. L4 switch breaking cookie authentication.
  15. Auth failures when going thru transparent proxy and L4 switch.
  16. Persistent connection problems in the 2.0.191 build of FP1.

For more information see TID: 2960921

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates