OnDemand User Group
Support Forums => MP Server => Topic started by: jsquizz on October 06, 2021, 09:00:31 AM
-
Hi All,
We are in the process of getting SSL Up and running, but it looks like we have an issue connecting from the library server to the object server when SSL is enabled.
When ODWEK Calls are made-
124002:47247019583232 10/06/2021 08:41:48:330624 ERROR (null)(0)(null):Server message msg timestamp=2021-10-06 08:41:48.325613 msg userid=ADMIN msg severity=2 msg num=142 msg text=ARS0142E Connection cannot be established for the >zlt12669< server Srvr->LibServer XXX.XXX.XXX.XXX non-SSL<- msg appl=N msg logid=869449959
124002:47247019583232 10/06/2021 08:41:48:330629 ERROR (null)(0)(null):ARSLOG message msg num=142
124002:47247019583232 10/06/2021 08:41:48:330875 ERROR (null)(0)(null):CONSOLE message msg num=142
124002:47247030097664 10/06/2021 08:41:48:333627 ERROR arssrvr.c(4798)ArcSERVP_ProcessRequest:Sending message to library server msg timestamp=2021-10-06 08:41:48.303407 msg userid=M09530 msg severity=2 msg num=142 msg text=ARS0142E Connection cannot be established for the >LIBSERV< server Srvr->LIBSERV<- msg appl=N msg logid=869449959
These are from the trace file, when I was trying to load/retrieve from the library server -> object server. The other way around (ARSDOC/ARSLOAD OBJ --FROM/INTO --> LIB) works fine.
79057:47879365379840 10/06/2021 10:43:56:122707 ERROR arsgskod.c(2828)ArcGSKOD_Connect:socket_init ssl_rc=420 ssl_str=GSK_ERROR_SOCKET_CLOSED
79057:47879365379840 10/06/2021 10:43:56:203928 ERROR arsgskod.c(2828)ArcGSKOD_Connect:socket_init ssl_rc=420 ssl_str=GSK_ERROR_SOCKET_CLOSED
79057:47879365379840 10/06/2021 10:43:56:290131 ERROR arsgskod.c(2828)ArcGSKOD_Connect:socket_init ssl_rc=420 ssl_str=GSK_ERROR_SOCKET_CLOSED
79057:47879365379840 10/06/2021 10:43:56:406313 ERROR arsgskod.c(2828)ArcGSKOD_Connect:socket_init ssl_rc=420 ssl_str=GSK_ERROR_SOCKET_CLOSED
Anyone have thoughts?
-
If you have separate library and object servers, then you will need unique SSL certificates for each - you can't re-use server certificate from one server to the other.
For troubleshooting IBM CMOD SSL (https://cmod.wiki/dox/CMODv8.5/UsingSSLwithCMOD.pdf), use openssl s_client with the -showcerts option - that will show you which certificates are being presented by each server.
-JD.
-
If you have separate library and object servers, then you will need unique SSL certificates for each - you can't re-use server certificate from one server to the other.
For troubleshooting IBM CMOD SSL (https://cmod.wiki/dox/CMODv8.5/UsingSSLwithCMOD.pdf), use openssl s_client with the -showcerts option - that will show you which certificates are being presented by each server.
-JD.
Here's the new issue haha-
78759:47665277347584 10/08/2021 08:59:31:101247 ERROR (null)(0)(null):Server message msg timestamp=2021-10-08 08:59:31.090354 msg userid=USERID msg severity=2 msg num=23 msg text=ARS0023E Object >195FAAA< in Application Group >AG< not found in cache, no other storage defined Srvr->server1.1.1.1 non-SSL<- msg appl=N msg logid=1540228370
78759:47665277347584 10/08/2021 08:59:31:101263 ERROR (null)(0)(null):ARSLOG message msg num=23
78759:47665277347584 10/08/2021 08:59:31:101572 ERROR (null)(0)(null):CONSOLE message msg num=23
78759:47665497184000 10/08/2021 08:59:31:104615 ERROR arscssm.c(3298)ArcCSSMP_Retrieve:Sending message to library server msg timestamp=2021-10-08 08:59:31.066932 msg userid=M09530 msg severity=2 msg num=23 msg text=ARS0023E Object >195FAAA< in Application Group >AG< not found in cache, no other storage defined Srvr->server<- msg appl=N msg logid=1540228370
-
Here's another strange issue. When we do the retrieval, it is trying to retrieve the document from the cache defined on the library server - /opt/app/cmod/ARSCACHE - is defined within ars.cache, defined as our cache only - library server storage.
The very last line of this error, is invalid. The document is physically located - and the application group is defined to our cache object server.
62572:47394759460608 10/14/2021 10:13:26:981056 INFO arssmcac.c(3645)ArcCACHE_Retrieve:Current state object=/opt/app/cmod/ARSCACHE/retr/BSA/DOC/4FAAA (ArcI32)errno=2
62572:47394759460608 10/14/2021 10:13:26:967014 FLOW arscssm.c(541)ArcCSSMP_DataProcessInit:Return arccs return code=0,ARCCS_OKAY
62572:47394759460608 10/14/2021 10:13:26:967025 FLOW arscssm.c(3671)ArcCSSMP_ObjectRetrieve:Enter
62572:47394759460608 10/14/2021 10:13:26:967030 FLOW arscssm.c(3420)ArcCSSMP_ProcessObjName:Enter
62572:47394759460608 10/14/2021 10:13:26:967036 FLOW arscssm.c(3439)ArcCSSMP_ProcessObjName:Return
62572:47394759460608 10/14/2021 10:13:26:967048 FLOW arscssm.c(3179)ArcCSSMP_Retrieve:Enter
62572:47394759460608 10/14/2021 10:13:26:967059 FLOW arssmcac.c(2752)ArcCACHE_Init:Enter
62572:47394759460608 10/14/2021 10:13:26:967072 INFO arssmcac.c(2798)ArcCACHE_Init:Current state startup->cacheNameList[i]=/opt/app/cmod/ARSCACHE
62572:47394759460608 10/14/2021 10:13:26:967079 INFO arssmcac.c(2809)ArcCACHE_Init:Current state (ArcI32)init->status=2
62572:47394759460608 10/14/2021 10:13:26:967085 FLOW arssmcac.c(2817)ArcCACHE_Init:Return rc=0
62572:47394759460608 10/14/2021 10:13:26:967101 FLOW arssmcac.c(3560)ArcCACHE_Retrieve:Enter
62572:47394759460608 10/14/2021 10:13:26:967145 FLOW arssmcac.c(137)ArcCACHEPri_AssembleName:Enter
62572:47394759460608 10/14/2021 10:13:26:967161 FLOW arssmcac.c(101)ArcCACHEPri_GetDocResStr:Enter
62572:47394759460608 10/14/2021 10:13:26:967167 FLOW arssmcac.c(112)ArcCACHEPri_GetDocResStr:Return
62572:47394759460608 10/14/2021 10:13:26:967176 INFO arssmcac.c(153)ArcCACHEPri_AssembleName:Current state assembledObjName=/BSA/DOC/4FAAA
62572:47394759460608 10/14/2021 10:13:26:967180 FLOW arssmcac.c(155)ArcCACHEPri_AssembleName:Return
62572:47394759460608 10/14/2021 10:13:26:981056 INFO arssmcac.c(3645)ArcCACHE_Retrieve:Current state object=/opt/app/cmod/ARSCACHE/retr/BSA/DOC/4FAAA (ArcI32)errno=2
-
Return Code 2 is "does not exist".
Can you ls -l the path and see what you get back?
-JD.