This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RetainStatsServer Unsupported or unrecognized SSL message

Have been trying to get the Reporting and Monitoring (R&M) Server running,  but have been running head long into this

retain.private.domain.com:48080/.../
SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG

and then this goes from being an 'as time permits' to more urgent when this appears to be blocking my ability to change the Notify To contacts (testing works, saving barfs)

where does the StatsConfiguration.cfg  file go if we can't use the browser option like I am hitting?

________________________

Andy of KonecnyConsulting.ca in Toronto
Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • 0  

    Is there a reason you are specifying port 48080?  I would expect the URL to look like https://retain.private.domain.com/RetainStatsServer.  When I use https://my.retain.lab.com:48080/RetainStatsServer/login.xhtml, I see the same issue.

  • 0  

    Doing some additional testing, when I click the link for Reporting or Monitoring, the URL is:

    http://my.retain.lab.com:48080/RetainStatsServer.......

    Are you saying that when you click the link, the URL is https://my.retain.lab.com:48080/RetainStatsServer.......

  • 0  

    Another observation.  The following URLs work in my lab:

    https://my.retain.lab.com/RetainStatsServer

    http://my.retain.lab.com:48080/RetainStatsServer

  • 0   in reply to   

    48080 because it defaulted to it for some reason.   That was in all three port fields of the R&M Connection page. 

    Tried the url without the port and could then finally upload the bootstrap. Restarted the tomcat service

    the bootstrap page still points to 48080 with the same results, and since uploading the bootstrap I get

    The page isn’t redirecting properly
    An error occurred during a connection to retain.private.domain.com.
        This problem can sometimes be caused by disabling or refusing to accept cookies.

    Perhaps one or both of the other two on the Connection page should change their ports as well.  What do you typically there?

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • Suggested Answer

    0   in reply to   

    By default, all three connections are set to http and port 48080.  According to the documentation:

    "IMPORTANT:  If your Retain system uses HTTPS, the web server must use a full TLS certificate chain signed by a trusted third-party Certificate Authority.

    The chain must include both server and intermediate certificates.

    Self-signed certificates do not work."

    However, in my lab, the Apache web server is SSL enabled with self-signed certs and it appears to work after going through the process of uploading the bootstrap file which shows:

    <serverURL>my.retain.lab.com:443/.../serverURL>
     <statServerURL>my.retain.lab.com:443/.../statServerURL>
     <browserURL>my.retain.lab.com:443/.../browserURL>

    Clicking on the Reporting or Monitoring link, works without an issue and the URL is:

    https://my.retain.lab.com:443/RetainStatsServer.......

    Let me know if this helps.

  • 0   in reply to   

    I think I had a similar issue some time ago but it was not a retain problem.

    In the background there is Apache! Please check configured Apache certs! In my case Apache certs were out of date ...


    Use "Verified Answers" if your problem/issue has been solved!

  • 0   in reply to   

    I can see how that would be a problem, so good to look,  but in the case they are the ones minted off of the current internal eDir CA

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • 0   in reply to   

    "IMPORTANT:  If your Retain system uses HTTPS, the web server must use a full TLS certificate chain signed by a trusted third-party Certificate Authority.

    The chain must include both server and intermediate certificates.

    Self-signed certificates do not work."

    Well, that makes life more challenging.  And adds cost.  For little benefit when we don't have the world at large trying to connect in.

    I am suspecting that the first install of R&M is just a little messed up. I see 3 different StatsConfiguration.cfg files in logical areas.   Even after a tomcat restart /full reboot, the configuration page reverts to 48080.   So clearly I need to reDownload the bootstrap and get it on the server into appropriate places.

    The three places I found them in:
    /opt/beginfinite/retain/RetainServer/WEB-INF/cfg
    /opt/beginfinite/retain/RetainStatsServer/WEB-INF/cfg
    /opt/beginfinite/retain/RetainStatsServer

    copy the BootStrap to all three and restart Tomcat?

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • Suggested Answer

    0   in reply to   

    The short answer is yes.  In my Retain environments (one running on Linux and one running on Windows) I only see the .cfg files in the RetainServer/WEB-INF/cfg directory and in the /retain/RetainStatsServer/WEB-INF/cfg directory.  My guess is having the file in the /retain/RetainStatsServer doesn't affect the configuration.  Something else that has changed is I am no longer able to access the Reporting and Monitoring pages using https.  I assume it is because I am using self-signed certificates.  I am not sure how or why it worked earlier.

  • 0   in reply to   

    This made some progress, solved one other issue, but still can't get into R&M, even on http

    either gets me to hostname/RetainStatsServer/login.xhtml

    The page isn’t redirecting properly
    An error occurred during a connection to retain.private.DigitalAirlines.com.
        This problem can sometimes be caused by disabling or refusing to accept cookies.

    Even going to other browsers that haven't seen Retain before.

    At least I could now update&save the main Server Configuration Notification To: without errors 

    I renamed the config in the root of RetainServer,

    and manually edited the other two to just have 443 on all three urls, as well as removing the LF/CRs that that were at the top of the BootStrap that made no sense to me. (those LF/CRs really clear with the text editor in Midnight Commander)

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.