Environment
eDirectory 8.8.7
eDirectory 8.8.8
iManager 2.7.7
Apache2
Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Situation
iManager is inaccessible due to an ssl error
All https traffic returns the following error:
SSL received a record that exceeded the maximum permissible length Error code: ssl_error_rx_record_too_long
Resolution
Ensure APACHE_SERVER_FLAG=" SSL" in the /etc/sysconfig/apache2.
/etc/ssl/servercerts/serverkey.pem
/etc/ssl/servercerts/servercert.pem
/etc/opt/novell/certs/SSCert.pem
/etc/opt/novell/certs/SSCert.der
/var/lib/novell-lum/x.x.x.x.der
Once these certificates are recreated and secure ldap is working move on to Apache2.
Look for files that have been modified recently (ll -tr /etc/apache2 or ll -trR /etc/apache2)
Files to look for are:
/etc/apache2/apache2.conf
/etc/apache2/default-server.conf
/etc/apache2/vhosts.d/vhost-ssl.conf
/etc/apache2/sysconfig.d/loadmodule.conf
Compare these files with a working version.
In this case the /etc/apache2/vhosts.d/vhost-ssl.conf and been renamed to /etc/apache2/vhosts.d/vhost-ssl.conf.bk
Renaming back to /etc/apache2/vhosts.d/vhost-ssl.conf and restarting apache2 (rcapache2 restart) resolved the issue.
Additional Information
For OES2018
If the server has been upgraded from an earlier version to OES2018, a new folder, YaSTsave is created and the vhost-ssl.conf file is moved to that folder. Moving the vhost-ssl.conf file back to the vhosts.d folder and restart apache with the command:
systemctl restart apache2
This has been reported to engineering.