Novell Home

My Favorites

Close

Please to see your favorites.

iManager is inaccessible due to an SSL error

This document (7015206) is provided subject to the disclaimer at the end of this document.

Environment

eDirectory 8.8.7
eDirectory 8.8.8
iManager 2.7.7
Apache2
Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)

Situation

iManager is inaccessible due to an ssl error

All https traffic returns the following error:
SSL received a record that exceeded the maximum permissible length Error code: ssl_error_rx_record_too_long

Resolution

Ensure APACHE_SERVER_FLAG="  SSL" in the /etc/sysconfig/apache2.

Recreate the apache2 certificates.  Usually these certificates are good and the problem is with Apache configuration.  First rule out the eDirectory certs and certs on the file system. The certificate-recreation-script is an easy way to ensure the apache2 certificate along with the iPrint, and lum certs are updated.

/etc/ssl/servercerts/serverkey.pem
/etc/ssl/servercerts/servercert.pem
/etc/opt/novell/certs/SSCert.pem 
/etc/opt/novell/certs/SSCert.der 
/var/lib/novell-lum/x.x.x.x.der

Once these certificates are recreated and secure ldap is working move on to Apache2.
Look for files that have been modified recently (ll -tr /etc/apache2 or ll -trR /etc/apache2)

Files to look for are:
/etc/apache2/apache2.conf
/etc/apache2/default-server.conf
/etc/apache2/vhosts.d/vhost-ssl.conf
/etc/apache2/sysconfig.d/loadmodule.conf

Compare these files with a working version.

In this case the /etc/apache2/vhosts.d/vhost-ssl.conf and been renamed to /etc/apache2/vhosts.d/vhost-ssl.conf.bk
Renaming back to /etc/apache2/vhosts.d/vhost-ssl.conf and restarting apache2 (rcapache2 restart) resolved the issue.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7015206
  • Creation Date:16-JUN-14
  • Modified Date:16-JUN-14
    • NovellOpen Enterprise Server
      Open Workgroup Suite - Small Business Edition (NOWS SBE)
      PKIS (Certificate Server)
    • SUSESUSE Linux Enterprise Server
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback