Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
iPrint 4 appliance
When accessing the iPrint management console, iPrint Printers Configuration fails with RPC Communication Error and printers cannot connect.
Details show -
com.novell.admin.common.server.rpc.beans.RpcException: com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract com.novell.admin.iprint.server.web.beans.MobilePrinterList com.novell.admin.iprint.client.services.IprintRpcService.getPrintersAndEmailSettingInfo() throws com.novell.admin.common.server.rpc.beans.RpcException' threw an unexpected exception: com.novell.admin.common.datamodel.beans.DataModelException: Failed : HTTP error code : 500 at com.novell.admin.common.server.rpc.utils.RpcUtils.doUnexpectedFailure(RpcUtils.java:28) at com.novell.admin.iprint.server.rpc.controllers.IprintRpcServiceImpl.doUnexpectedFailure(IprintRpcServiceImpl.java:124)
The SSL certificate assigned to the LDAP interface is expired.
Troubleshooting information can be obtained using the iPrint Information Gathering Tool.
Ensure the latest version is installed on the appliance with the command
zypper in -f supportutils-plugin-iprint
then run the commmand
iPrintInfo -b
This will create a file in the current directory called iPrintInfo-2.1.3-[year]-[month][day]-[hour][minute].txt
Scanning this file for errors, we see this in the /var/opt/novell/log/iprintmgmt/iprintman0.log
Dec 29, 2023 3:45:20 PM com.novell.service.iPrint.infrastructure.objectStore.LDAPObjectStore <init> WARNING: e.getMessage is : iprint4.sydnetiq.com:636 Dec 29, 2023 3:45:20 PM com.novell.service.iPrint.infrastructure.objectStore.LDAPObjectStore <init> WARNING: e.getCause is : java.net.ConnectException: Connection refused (Connection refused) Dec 29, 2023 3:45:20 PM com.novell.service.iPrint.infrastructure.objectStore.LDAPObjectStore <init> WARNING: e.getRootCause() is :java.net.ConnectException: Connection refused (Connection refused) Dec 29, 2023 3:45:20 PM com.novell.service.iPrint.infrastructure.objectStore.LDAPObjectStore <init> WARNING: EXCEPTION instance of java.net.SocketException javax.naming.CommunicationException: iprint4.sydnetiq.com:636 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]
and further along in the iPrintinfo log we can see that LDAP interface is using an eDirectory certfiicate
# (From localhost) LDAPTLS_CACERT=/etc/opt/novell/certs/SSCert.pem /opt/novell/eDirectory/bin/ldapsearch -v -H ldaps://localhost:636 -D CN=admin,O=iPrintAppliance -W "cn=UNIX Workstation - iprint4" ldap_initialize( ldaps://localhost:636/??base ) ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
It seems that the secure LDAP port is refusing connections
From Manager Printers (iManager) we can see the certificate assigned to the LDAP server interface
If we check "NotAfter" attribute of the certificate assigned to the LDAP interface, it is earlier than the current date.
The LDAP certificate can be renewed with the following command.
rcndsd restart;sh /opt/novell/iprintmobile/bin/certman.sh -t edir -r
The LDAP certificate will be renewed for a further two years and after restarting the appliance, LDAP connections should work normally and iPrint funcionality will be restored.
More detais on the iPrint Information Gathering Tool.
https://community.microfocus.com/img/iprint/w/tips/15144/iprint-information-gathering-tool
How to renew server certificates with iPrint Appliance 1.x, 2.x, 3.x, 4.x
https://support.microfocus.com/kb/doc.php?id=7016720