Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2.1
NetIQ Access Manager 3.2.1IR1a
NetIQ Access Manager Gateway Appliance
NetIQ Access Manager 3.2.1
NetIQ Access Manager 3.2.1IR1a
NetIQ Access Manager Gateway Appliance
Situation
- SSLVPN server has been installed in combination with the Access Gateway Appliance
- SSLVPN server Servlet does not start
- The "/var/opt/novell/nam/logs/sslvpn/tomcat/catalina.out" returns:
"The keystore keystoreFile="/opt/novell/devman/jcc/certs/nam/nam.keystore"
defined in "/opt/novell/nam/sslvpn/conf/server.xml does not exist."
Resolution
- stop your SSLVPN server
- backup your existing "/opt/novell/nam/sslvpn/conf/server.xml"
- edit the "/opt/novell/nam/sslvpn/conf/server.xml" and change the connector in order to disble SSL
<Connector NIDP_Name="connector" address="A.B.C.D" port="3080"maxThreads="200" minSpareThreads="5" enableLookups="false" acceptCount="100"scheme="http" secure="false" disableUploadTimeout="true" URIEncoding="utf-8" clientAuth="false"SSLEnabled="false">
</Connector> - start you sslvpn service
- check the "/var/opt/novell/nam/logs/sslvpn/tomcat/catalina.out"
- The SSLVPN servlet servlet should listen now on port 3080 without SSL
(use netstat -patune | grep :3080 to confirm)
Cause
- The server.xml which has been generated using the installation process is corrupt
- This issue has been addressed to engineering