Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
###netstorageError-iMan.jpg###
/var/opt/novell/tomcat5/logs/catalina.out
2013-07-29 14:08:48,498 [main] INFO org.apache.jk.common.ChannelSocket - JK: ajp13 listening on /0.0.0.0:9009
2013-07-29 14:08:49,887 [main] INFO org.apache.jk.server.JkMain - Jk running ID=0 time=0/1540 config=null
2013-07-29 14:08:49,933 [main] INFO org.apache.catalina.startup.Catalina - Server startup in 25066 ms
input to ShellCommand: rpm -q oes-release
Novell JClient 1.6.1402-1.6.1402. Copyright 1999 Novell Inc. All Rights Reserved.
count -->0
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.jsse2.n.a(n.java:3)
at com.ibm.jsse2.jc.a(jc.java:501)
at com.ibm.jsse2.db.a(db.java:144)
at com.ibm.jsse2.db.a(db.java:416)
at com.ibm.jsse2.eb.a(eb.java:89)
at com.ibm.jsse2.eb.a(eb.java:291)
at com.ibm.jsse2.db.m(db.java:192)
at com.ibm.jsse2.db.a(db.java:79)
at com.ibm.jsse2.jc.a(jc.java:184)
at com.ibm.jsse2.jc.g(jc.java:257)
at com.ibm.jsse2.jc.a(jc.java:361)
at com.ibm.jsse2.jc.startHandshake(jc.java:304)
at com.ibm.net.ssl.www2.protocol.https.b.afterConnect(b.java:125)
at com.ibm.net.ssl.www2.protocol.https.c.connect(c.java:28)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:959)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
at com.ibm.net.ssl.www2.protocol.https.a.getResponseCode(a.java:47)
at com.novell.emframe.netstorage.NetStorage.authenticate(NetStorage.java:1777)
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1664)
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1646)
at com.novell.emframe.netstorage.NetStorage.getAuthDomainsMainPageData(NetStorage.java:385)
at com.novell.emframe.netstorage.NetStorage.execute(NetStorage.java:196)
at com.novell.emframe.dev.Task.execute(Task.java:505)
at com.novell.nps.gadgetManager.BaseGadgetInstance.processRequest(BaseGadgetInstance.java:858)
at com.novell.nps.gadgetManager.GadgetManager.delegateToGadget(GadgetManager.java:4253)
at com.novell.nps.gadgetManager.LaunchService.onDelegateAction(LaunchService.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.novell.nps.gadgetManager.BaseGadgetInstance.handleAction(BaseGadgetInstance.java:2371)
at com.novell.nps.gadgetManager.GadgetManager.processInstanceRequest(GadgetManager.java:1606)
at com.novell.nps.gadgetManager.GadgetManager.processServiceRequest(GadgetManager.java:1062)
at com.novell.nps.PortalServlet.handleFrameService(PortalServlet.java:505)
at com.novell.nps.PortalServlet.processRequest(PortalServlet.java:373)
at com.novell.nps.PortalServlet.doPost(PortalServlet.java:279)
at com.novell.nps.PortalServlet.doGet(PortalServlet.java:262)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at com.novell.emframe.fw.servlet.AuthenticatorServlet.service(AuthenticatorServlet.java:332)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:775)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:704)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:897)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:811)
Caused by: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.jsse2.util.f.b(f.java:49)
at com.ibm.jsse2.util.f.b(f.java:16)
at com.ibm.jsse2.util.e.a(e.java:2)
at com.ibm.jsse2.yb.checkServerTrusted(yb.java:46)
at com.ibm.jsse2.hb.checkServerTrusted(hb.java:22)
at com.ibm.jsse2.eb.a(eb.java:8)
... 51 more
Caused by: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(PKIXCertPathBuilderImpl.java:249)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:215)
at com.ibm.jsse2.util.f.b(f.java:82)
... 56 more
Caused by: java.security.cert.CertPathValidatorException: The certificate issued by OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.security.cert.BasicChecker.<init>(BasicChecker.java:111)
at com.ibm.security.cert.PKIXCertPathValidatorImpl.engineValidate(PKIXCertPathValidatorImpl.java:176)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.myValidator(PKIXCertPathBuilderImpl.java:474)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:386)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:332)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:332)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(PKIXCertPathBuilderImpl.java:195)
... 58 more
Caused by: java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.security.cert.CertPathUtil.findIssuer(CertPathUtil.java:298)
at com.ibm.security.cert.BasicChecker.<init>(BasicChecker.java:108)
... 64 more
java.lang.NullPointerException
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1667)
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1646)
at com.novell.emframe.netstorage.NetStorage.getAuthDomainsMainPageData(NetStorage.java:385)
at com.novell.emframe.netstorage.NetStorage.execute(NetStorage.java:196)
at com.novell.emframe.dev.Task.execute(Task.java:505)
at com.novell.nps.gadgetManager.BaseGadgetInstance.processRequest(BaseGadgetInstance.java:858)
at com.novell.nps.gadgetManager.GadgetManager.delegateToGadget(GadgetManager.java:4253)
at com.novell.nps.gadgetManager.LaunchService.onDelegateAction(LaunchService.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.novell.nps.gadgetManager.BaseGadgetInstance.handleAction(BaseGadgetInstance.java:2371)
at com.novell.nps.gadgetManager.GadgetManager.processInstanceRequest(GadgetManager.java:1606)
at com.novell.nps.gadgetManager.GadgetManager.processServiceRequest(GadgetManager.java:1062)
at com.novell.nps.PortalServlet.handleFrameService(PortalServlet.java:505)
at com.novell.nps.PortalServlet.processRequest(PortalServlet.java:373)
at com.novell.nps.PortalServlet.doPost(PortalServlet.java:279)
at com.novell.nps.PortalServlet.doGet(PortalServlet.java:262)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at com.novell.emframe.fw.servlet.AuthenticatorServlet.service(AuthenticatorServlet.java:332)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:775)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:704)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:897)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:811)
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
echo $JAVA_HOME
/usr/lib/jvm/java
/usr/lib/jvm/java/jre/lib/security/cacerts
keytool -list -v -keystore cacerts -keypass changeit | less
java.net.SocketException: Default SSL context init failed: IBMKeyManager: Problem accessing key store java.io.IOException: Keystore was tampered
with, or password was incorrect
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:8)
/var/opt/novell/tomcat5/conf
java.io.IOException: Server returned HTTP response code: 401 for URL: https://myserver.mydomain.com/oneNet/nsadmin?label=[authdomains]
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1196)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
at com.ibm.net.ssl.www2.protocol.https.a.getResponseCode(a.java:47)
at com.novell.emframe.netstorage.NetStorage.authenticate(NetStorage.java:1836)
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1664)
at com.novell.emframe.netstorage.NetStorage.getXML(NetStorage.java:1646)
at com.novell.emframe.netstorage.NetStorage.getAuthDomainsMainPageData(NetStorage.java:385)
at com.novell.emframe.netstorage.NetStorage.execute(NetStorage.java:196)
at com.novell.emframe.dev.Task.execute(Task.java:505)
at com.novell.nps.gadgetManager.BaseGadgetInstance.processRequest(BaseGadgetInstance.java:858)
at com.novell.nps.gadgetManager.GadgetManager.delegateToGadget(GadgetManager.java:4253)
at com.novell.nps.gadgetManager.LaunchService.onDelegateAction(LaunchService.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.novell.nps.gadgetManager.BaseGadgetInstance.handleAction(BaseGadgetInstance.java:2371)
at com.novell.nps.gadgetManager.GadgetManager.processInstanceRequest(GadgetManager.java:1606)
at com.novell.nps.gadgetManager.GadgetManager.processServiceRequest(GadgetManager.java:1062)
at com.novell.nps.PortalServlet.handleFrameService(PortalServlet.java:505)
at com.novell.nps.PortalServlet.processRequest(PortalServlet.java:373)
at com.novell.nps.PortalServlet.doPost(PortalServlet.java:279)
at com.novell.nps.PortalServlet.doGet(PortalServlet.java:262)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at com.novell.emframe.fw.servlet.AuthenticatorServlet.service(AuthenticatorServlet.java:332)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:775)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:704)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:897)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:811)
/opt/novell/netstorage/webapp/admin.xsl
cd /opt/novell/xtier/bin
./regedit
cd /local_machine/Software/Novell/XTier/Configuration/XSrv/Authentication Domains
ls
NOTE: the ls command should return an entry that has either the IP address or DNS Name of the authentication server, this will be referred to as <IP or DNS> in the next command
cd <IP or DNS>
ls
LD_LIBRARY_PATH=/opt/novell/xtier/lib
/opt/novell/xtier/bin/xsrvcfg -D \-n admin.novell -p adminpass -d auth.server.novell.com -c o=novell
admin.novell with the tree admin user
adminpass with the password for the tree admin user
auth.server.novell.com with the IP address or DNS name of the authentication server
o=novell with the context for context-less authentication
/opt/novell/xtier/bin/xsrvcfg -D \-n admin.mydomain.com -p MyP@ssw0rd -d myserver.mydomain.com -c dc=com
rcnovell-xsrvd stop
rcnovell-xregd stop
rcnovell-xregd start
rcnovell-xsrvd start
rcapache2 restart
rcnovell-tomcat6 restart (or tomcat5 if older iManager)
myserver:/usr/lib/jvm/java/jre/lib/security # /opt/novell/xtier/bin/xsrvcfg -D \-n admin.mydomain.com -p password -d myserver.mydomain.com -c dc=com
Debug: Server GUID exists. Do nothing.
Setting ProxyUserName
Setting ProxyUserPassword
Clearing AuthenticationDomain
Setting AuthenticationDomain to myserver.mydomain.com
Setting AuthenticationContext[priority] to dc=com