IBM BS029ML Self Help Guide - Page 148
ESSL configuration not working, Step 1: Review runtime logs
![]() |
View all IBM BS029ML manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 148 highlights
A lot of PAC related problems are due to the settings in the PAC cache settings. People should understand that the cache settings in a production environment is very different from those in a development environment. In a development or test environment, things are more dynamic and changing. Thus, you should set caches to be smaller and the lifetime to be shorter to see an effect. Once in production, all permission settings are tested and fixed, and should not be changed frequently. Thus, you would want to take advantage of the caches to improve the runtime's performance. When trying to debug any problem of a PAC configuration, it is desirable to generate an XMLaccess export on the release domain (using exportRelease.xml). This XML file will show all the access control configurations of portal resources. When enabling traces for PAC, be cautious, as an enormous amount of data is generated in a very short time. The user activities should be kept to the absolute minimum. If you know more specific information you want to trace, you can certainly narrow the scope of the trace. For example, the following trace string: com.ibm.wps.ac.impl.PACGroupManagementServiceImpl will only collect information about the group management cache within PAC. SSL configuration not working It is important to know how to back out of the configurations you made in case SSL is not working. Thus, always document the steps carefully. When configuring SSL, make sure you are very clear that in the handshake about which party is the client and which is the server. A network diagram should be drawn to show the components involved. We recommend configuring Portal without SSL first. This reduces the complexity of the configuration. Step 1: Review runtime logs The errors or exceptions to be searched are most likely related to the SSL handshake. The example log entries given in Example 4-23 and Table 4-6 on page 135. Example 4-23 SSLHandshakeException: example 1 [8/13/07 23:28:45:406 EDT] 00000042 ManagerAdmin E com.ibm.wps.logging.ManagerAdmin initVars EJPFD0055E: Unable to access traceService MBean. com.ibm.websphere.management.exception.ConnectorException: ADMC0053E: The system cannot create a SOAP connector to connect to host localhost at port 10033 with SOAP connector security enabled. ... Caused by: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted; targetException=java.lang.IllegalArgumentException: Error opening socket: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted] ... Caused by: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted; targetException=java.lang.IllegalArgumentException: Error opening socket: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted] 134 IBM WebSphere Portal V6 Self Help Guide
![](/manual_guide/products/ibm-bs029ml-self-help-guide-6d3dd71/148.png)