Webaccess not working after install GroupWise 18 Connection Refused

  • Document ID:7022540
  • Creation Date:11-Jan-2018
  • Modified Date:03-Jan-2020
    • Micro Focus Products:
      GroupWise

Environment

SUSE Linux Enterprise Server 12 

SUSE Linux Enterprise Server 11

Situation

Connection Refused when user tries to access the service
Webaccess 18 requires apache to be configured with SSL
Apache is not configured with SSL by default
An SSL certificate and key file are required.  Self Signed or commerctial certificates will work but must be obtained and be available.

Resolution

Update:  This was only a problem with early versions of 18.x webaccess.  Later versions 18.1 and beyond used a configured version of apache to avoid the problem.

Follow the steps below to generate Self signed certificates or substitute 3rd party certificates where appropriate

SLES11 SSL

1.      Create a self-signed cert using SLES11’s script

1.      cd /usr/share/doc/packages/apache2

2.      ./mkcert.sh make --no-print-directory /usr/bin/openssl /usr/sbin/custom

3.      Enter information when pertinent and use defaults for settings

2.      The above script should place the certs in the appropriate directories /etc/apache2/ssl.crt or ssl.key

3.      Enable SSL with following commands:

1.      a2enmod ssl

2.      a2enflag SSL (take note of capitalization)

4.      Create a vhost-ssl.conf file from the vhost-ssl.template file in /etc/apache2/vhosts.d/

1. cd /etc/apache2/vhosts.d

2. cp vhost-ssl.template vhost-ssl.conf

 3. Edit the new vhost-ssl.conf  file and change/verify the directory paths for the crt and key files

5.      Check Firewall

1.      Make sure if the firewall is active that the port 443 and 80 is open

 

SLES12 SSL

1.      Create a Self-Signed my cert using OpenSSL

1.      sudo openssl req -new > new.cert.csr

2.      follow prompts

3.      sudo openssl rsa -in privkey.pem -out new.cert.key

4.      sudo openssl x509 -in new.cert.csr -out new.cert.cert -req  -signkey new.cert.key -days 365

2.      Move the .crt and .key file to the appropriate locations

1.      sudo cp new.cert.cert /etc/apache2/ssl.crt/server.crt

2.      sudo cp new.cert.key /etc/apache2/ssl.key/server.key

3.      Enable SSL with following commands:

1.      a2enmod ssl

2.      a2enflag SSL (take note of capitalization)

4.      Create a vhost-ssl.conf file from the vhost-ssl.template file in /etc/apache2/vhosts.d/

1. cd /etc/apache2/vhosts.d

2. cp vhost-ssl.template vhost-ssl.conf

 3. Edit the new vhost-ssl.conf  file and change/verify the directory paths for the crt and key files.

Finally, make sure if the firewall is active that the port 443 and 80 is open

 Restart apache and tomcat and webaccess should now work as expected.


 

 

Helpful Links:

  https://www.suse.com/documentation/sles-12/book_sle_admin/data/sec_apache2_ssl.html#

  https://www.suse.com/documentation/sles11/book_sle_admin/data/sec_apache2_ssl.html#

Cause

GroupWise 18 has tightened security so SSL is now required for Webaccess