Unable to access protected resources on Access Gateway Appliance after DNS name of master proxy is changed

  • 7010022
  • 18-Jan-2012
  • 23-May-2012

Environment


Novell Access Manager 3.2 Access Gateway Appliance

Situation

The following steps were performed with the Access Manager 3.2 single box solution.

1. Installed primary and secondary Access Manager Appliance boxes.
2. Accessed the portal and confirmed that everything worked fine, i.e. users could authenticate and access resources.
3. Shut down the primary appliance.
4. Changed the master proxy DNS name and attached a valid new certificate having the new DNS name in the subject field of the certificate.
5. Created a new protected resource.
6. Tried to access this new path-based proxy.

When this happens, the browser reports an ESP error and includes a Java exception.

Resolution

Whenever the administrator changes the DNS name in the master proxy configuration, a host entry for the new name should be added on all Access Gateway appliances in the configuration so that the name can be resolved.
The Embedded Service Provider (ESP) uses /etc/hosts entries to resolve a hostname if it cannot resolve that hostname via DNS. The changed proxy name must be present in the hosts file, and this entry is not added automatically.
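
One way to apply this on each Access Gateway appliance, as an added example (not Novell's own tooling): a shell function that adds the hosts entry only when it is missing and refuses to add a second mapping when the name already points to a different address. The function names, IP address and hostname are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example. IP and hostname in the demo are constructed placeholders.

# lookup_hosts FILE NAME: print the first IP mapped to NAME (case-insensitive).
lookup_hosts() {
    awk -v name="$2" '
        BEGIN { name = tolower(name) }
        { sub(/#.*/, "") }    # ignore comments
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == name) { print $1; exit }
        }' "$1"
}

# ensure_hosts_entry FILE IP NAME
# Prints "present", "added" or "conflict:<existing-ip>"; returns 2 on conflict.
ensure_hosts_entry() {
    file=$1 ip=$2 name=$3
    current=$(lookup_hosts "$file" "$name")
    if [ "$current" = "$ip" ]; then
        echo "present"
    elif [ -n "$current" ]; then
        # Name still maps to another address (e.g. a stale entry): leave the
        # file alone so an administrator can decide which mapping is right.
        echo "conflict:$current"
        return 2
    else
        # Make sure the file ends with a newline before appending.
        if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
            echo >> "$file"
        fi
        printf '%s\t%s\n' "$ip" "$name" >> "$file"
        echo "added"
    fi
}

# Demo on a scratch copy, not the live /etc/hosts.
demo=$(mktemp)
printf '127.0.0.1\tlocalhost\n' > "$demo"
ensure_hosts_entry "$demo" 192.0.2.10 proxy-new.example.com
ensure_hosts_entry "$demo" 192.0.2.10 proxy-new.example.com
rm -f "$demo"
```

On an appliance, call `ensure_hosts_entry /etc/hosts` as root with the master proxy's address and its new DNS name, and repeat on every Access Gateway in the configuration.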