|Oracle® Collaboration Suite Security Guide
10g Release 1 (10.1.1)
Part Number B14489-02
This appendix provides solutions to some problems and errors that you may encounter with your Secure Sockets Layer (SSL) configuration on Oracle Collaboration Suite. This appendix contains the following sections:
This section lists the common errors that you might encounter when accessing OracleAS Portal using the SSL port.
WWC-41439 error when trying to access Portal using the 443 SSL port with URL:
/pls/portal. This is a known issue with the
ptlasst.sh script inserting SSL port 443 into ENABLER tables.
Update the tables manually.
For example, log on to SQL*Plus to the
SQL> SELECT LSNR_TOKEN,site_id FROM wwsec_enabler_config_info$; LSNR_TOKEN SIT E_ID xyz.us.oracle.com:7777 1324 xyz.us.oracle.com:443 1329 SQL> UPDATE wwsec_enabler_config_info$ SET LSNR_TOKEN = 'appstierhost.domain.com' WHERE site_id = 1329; SQL> commit;
You should now be able to log on to the Applications tier by using the following URL:
The OracleAS portlet could not be contacted. SSL Handshake Failed NZERROR=28858.
Note:You may encounter this error while attempting to access
$ORACLE_HOME/Webcache/logs/event_log on the Applications tier. Then, check the accuracy of the entry that you created in the
The OracleAS portlet could not be contacted. SSL Handshake Failed NZERROR=28874.
Note:You may still receive NZERROR=28874 while attempting to access
$$ORACLE_HOME/Webcache/logs/event_log on the Applications tier. This is a known issue with the
You can fix this by downloading and applying the patch specified in Metalink Note: 225502.1.
The address from which this authentication request was made does not match your IP address. Notify your administrator if you believe this message to be in error. (WWC-41452)
Note:You might encounter this error when attempting to log in to OracleAS Portal only.
You can disable the IP Check feature by running the following SQL commands:
sqlplus portal schema/portal password SQL>SELECT url_cookie_ip_check FROM wwsec_enabler_config_info$;
url_cookie_ip_check is set to N. Else, run the following commands:
SQL>UPDATE wwsec_enabler_config_info$ SET url_cookie_ip_check='N'; SQL>commit; SQL>exit
The style sheet was the only component on the OracleAS Portal page that could not be secured.
This style sheet issue is corrected by the 22.214.171.124.0 patch set.
Incorrect rendering while connecting to
The header link in the e-mail portlet will open the following URL:
The URL does not render properly. The first time you access the URL, it may display properly, but subsequent accesses will not display properly.
$ORACLE_HOME/j2ee/OC4J_UM/config/oc4j.properties file on the Applications tier. Set
oracle.mail.client.portlet.HTTPStowebmail=TRUE. Then, stop and restart the Applications tier by running the following commands:
opmnctl stopall opmnctl startall
This section lists the common errors that you might encounter when accessing Oracle Mail using the SSL port.
Traffic_cop, if you log in as
orcladmin or as an administrative user, then you can create new users in Oracle Mail. If the user is not already created in Oracle Internet Directory, then the Oracle WebMail client will prompt you to create the user first and will provide you a link to Oracle Internet Directory Delegated Administration Services. This link is incorrect.
Ensure that the URL for Delegated Administration Services is configured correctly. Clear the OracleAS Portal cache and Oracle Internet Directory cache, as follows:.
To clear the OracleAS Portal cache:
Shut down the Applications tier, as follows:
session directories in
$ORACLE_HOME/Apache/modplsql/cache on the Applications tier.
Restart the Applications tier, as follows:
To clear the Oracle Internet Directory cache:
Log in to OracleAS Portal as a portal user.
Click Builder, Admin, Global Settings, and then the SSO/OID tab.
Select Refresh Cache for Oracle Internet Directory parameters.
Browse buttons have OracleAS Single Sign-On warnings.
Refer to Solution 7.
This section lists the common errors that you might encounter when accessing Oracle Real-Time Collaboration using the SSL port.
The Oracle Real-Time Collaboration portlet does not work properly.
When you attempt to access a conference from the main portal site, you are directed to an HTTP error page that displays the message, "Page cannot be found".
This can be fixed by editing the
/j2ee/OC4J_UM/config/oc4j.properties file on the Applications tier. Change the
oracle.mail.Portlet.httpsToWebmail parameter to
TRUE to correct the problem. You may need to restart
This section lists the common errors that you might encounter when accessing Oracle Calendar using the SSL port.
Referencing the old OracleAS Single Sign-On site ID.
The Calendar issue may be corrected by changing the
httpd.conf file on the Applications tier. Comment out the
include line, as shown:
# General setup for the virtual host # include "appstier_install_path/.../Apache/Apache/conf/modosso_https.conf"