MarkDissington Outstanding Contributor.
Outstanding Contributor.
596 views

SOAP Error 9505 - webaccess trying to use SSL when disabled

OK, this is wierd, very similar to this thread: https://forums.novell.com/showthread.php/505500-unable-to-login-soap-error-9505?highlight=negotiateLoginRequest

But we're not using SSL at all anywhere in Groupwise other than fronting the web frontend to Webaccess and Mobility, it's disabled on every page.

Everything installed on a single fully patched SLES11SP4, OES2015SP1 server

All groupwise components @ 14.2.3-129832

Everything was working fine until 10:54 this morning, no changes have been made, configuration files have not changed. Then we start getting the below errors on various logins, after a restart the first login sometime works and doesn't try to use https, but subsequent logins do.

12:56:44, <SOAP>, -, INFO, USER, Login
12:56:44, <SOAP>, -, INFO, USER, poaList: poa 0=https://IP:7191/soap
12:56:44, <SOAP>, -, INFO, USER, Exception invoking negotiateLoginRequest: HTTP transport error: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
12:56:44, <SOAP>, -, INFO, USER, Unable to connect to the POA @ https://IP:7191/soap
12:56:44, <SOAP>, -, INFO, USER, Unrecognized SSL message, plaintext connection?


Where on earth is it picking up that it needs to use https from? I can't find anything in any configuration file saying to use it. The only mention of SSL in webacc.cfg is about KeyShieldSSO.

If I try and wget the soap address over https it responds with exactly what I expect:

--2019-03-01 13:34:50--  https://IP:7191/soap
Connecting to IP:7191... connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.


So why has it suddenly decided to start trying to use https?

I've checked the server certs as per the other post, and they're all fine and valid (self signed and we don't use them anyway).

Completely stumped as to why it would suddenly start trying to use ssl, have no idea how it detects to use it or not.

Mark.
Labels (1)
Tags (4)
0 Likes
5 Replies
Micro Focus Expert
Micro Focus Expert

Re: SOAP Error 9505 - webaccess trying to use SSL when disab

Hi Mark,

Edit your webacc.cfg file and add the following for each of your SOAP providers (POAs)

Provider.SOAP.1.SSL=false

Save and restart WebAccess.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
MarkDissington Outstanding Contributor.
Outstanding Contributor.

Re: SOAP Error 9505 - webaccess trying to use SSL when disab

Hi Laura,

You're a genius. Added that option and restarting webaccess seems to have done the trick. I have absolutely no idea why it started trying to do it randomly, but at least it observes to instruction to knock it off!

Thanks,
Mark
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: SOAP Error 9505 - webaccess trying to use SSL when disab

Hi Mark,

It's a pleasure to assist you 🙂

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
MarkDissington Outstanding Contributor.
Outstanding Contributor.

Re: SOAP Error 9505 - webaccess trying to use SSL when disab

Spoke too soon 😞

Same thing happened again yesterday, even with the new setting in place. I'm suspecting some kind of hideous webaccess/java memory leak. As we have had quite a few people switch across to using webaccess recently as their primary client and leave it sitting there polling all day. May have to move it to a separate server that I can easily restart when required.

Mark.
0 Likes
MarkDissington Outstanding Contributor.
Outstanding Contributor.

Re: SOAP Error 9505 - webaccess trying to use SSL when disab

Definitely looks like Java is consuming all the RAM, server has 20GB and runs single POA and all services for just over 30 users:

ps -e -o pid,vsz,comm= | sort -n -k 2

3240 282468 gwavaman
5818 408460 gwia
5773 423580 gwmta
3276 435032 gwava
3357 491824 gwvstats
5698 740772 gwpoa
4192 855848 ndsd
32130 1279256 java
5626 7138828 java


First column is the PID, 2nd is the virtual memory size.

PID 32130 is IBM jre 1.7.1 running all of this:
/usr/lib64/jvm/jre-1.7.1-ibm/bin/java -Djava.library.path=/opt/novell/eDirectory/lib64:/var/opt/novell/tomcat6/lib:/usr/lib64 -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false -classpath /usr/share/java/log4j.jar:/var/opt/novell/iManager/nps/packages/wbem.jar:/opt/novell/eDirectory/lib/jclient.jar:/usr/share/java/ldap.jar:/usr/share/java/ant.jar:/usr/share/java/activation.jar:/var/opt/novell/tomcat6/bin/bootstrap.jar:/var/opt/novell/tomcat6/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar -Dcatalina.base=/var/opt/novell/tomcat6 -Dcatalina.home=/var/opt/novell/tomcat6 -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/opt/novell/tomcat6/temp -Djava.util.logging.config.file=/var/opt/novell/tomcat6/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager org.apache.catalina.startup.Bootstrap start

and PID 5626 is GroupWise's admin console! Why, oh why, write the god**** thing in java! 7GB+ RAM for a god**** admin console!
/opt/novell/groupwise/admin/jre/bin/java -Dpidfile=/var/run/novell/groupwise/java.pid -Dlog4j.configuration=file:////opt/novell/groupwise/admin/gwadmin-logging.xml -DLOGPATH=/var/log/novell/groupwise/gwadmin -jar /opt/novell/groupwise/admin/gwadmin.jar -auto

The server was restarted on the 1st, and webaccess was restarted an hour or so ago, and is slowly growing again.

Mark.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.