Hi guys,
I have an SSPR appliance which I have integrated with Access Manager but
I cannot access the service; I get the Access Manager server error
message. I have set this up with the SSPR service (3.3) and all was
working. I notice when I log into the MAG directly I cannot connect to
the SSPR appliance over SSL. So this is the problem I think. Using wget
I see this:

V00AGW00001D:~ # WGET --NO-CHECK-CERTIFICATE HTTPS://10.2.223.1:443
--2017-02-07 22:09:27-- HTTPS://10.2.223.1/
CONNECTING TO 10.2.223.1:443... CONNECTED.
UNABLE TO ESTABLISH SSL CONNECTION.

When I run openssl I get this:

V00AGW00001D:~ # OPENSSL S_CLIENT -SHOWCERTS -CONNECT 10.2.223.1:443
-DEBUG
CONNECTED(00000003)
WRITE TO 0X67D5B0 [0X693DA0] (139 BYTES => 139 (0X8B))
0000 - 80 89 01 03 01 00 60 00-00 00 20 00 00 39 00 00 ......`...
...9..
0010 - 38 00 00 35 00 00 88 00-00 87 00 00 84 00 00 16
8..5............
0020 - 00 00 13 00 00 0A 07 00-C0 00 00 33 00 00 32 00
............3..2.
0030 - 00 2F 00 00 45 00 00 44-00 00 41 03 00 80 00 00
../..E..D..A.....
0040 - 05 00 00 04 01 00 80 00-00 15 00 00 12 00 00 09
.................
0050 - 06 00 40 00 00 14 00 00-11 00 00 08 00 00 06 04
...@.............
0060 - 00 80 00 00 03 02 00 80-00 00 FF 8F 07 CC 70 16
...............P.
0070 - 59 0B 07 20 4E F4 01 20-61 C8 A0 FC D1 B7 96 6E Y.. N..
A......N
0080 - D3 E2 CE 8B D5 ED 5F 02-F5 04 41 ......_...A
READ FROM 0X67D5B0 [0X699300] (7 BYTES => 0 (0X0))
22875:ERROR:140790E5:SSL ROUTINES:SSL23_WRITE:SSL HANDSHAKE
FAILURE:S23_LIB.C:188:

I am running AM 4.0.1.

Any ideas? I can still access the old SSPR 3.3 from this server.

Regards
Steve Tennant


--
sttennant
------------------------------------------------------------------------
sttennant's Profile: https://forums.netiq.com/member.php?userid=389
View this thread: https://forums.netiq.com/showthread.php?t=57320