test

Sun Java System Application Server Standard and Enterprise Edition 7 2004Q2 Update 7 Release Notes

Administration Interface

When using Administration interface, make sure that the browser is configured to check for newer versions of pages from the server, instead of picking these from cache. Generally, default browser settings would not cause problems.

This section describes the known administration graphical user interface issues, and the associated solutions.

ID 

Summary 

4725473

External certificate nickname doesn’t display on the Admin Console Nickname list.

When you install an external certificate through the Application Server Administration interface, a problem is encountered when you attempt to enable SSL for the http-listener by using the certificate that is installed on the external cryptographic module. Although the installation of the certificate is successful, the certificate nickname does not display in the Administration interface. 

Solution

  1. Log in to the system where the Sun ONE Application Server software is installed as an Administrative User.

  2. Link the http-listener to the certificate installed on the external cryptographic module. Execute the asadmin command. For more information on the asadmin command, see the asadmin(1M) man page.

    /sun/appserver7/bin/asadmin create-ssl --user admin --password password --host host_name --port 8888 --type http-listener --certname nobody@apprealm:Server-Cert --instance server1 --ssl3enabled=true --ssl3tlsciphers +rsa_rc4_128_md5 http-listener-1

    This command establishes the link between the certificate and the server instance; it does not install the certificate (which was done using the Admin Console). Even though the certificate is linked with http-listener, the http-listener will be listening in non-SSL mode.

  3. Enable the http-listener to listen in SSL mode by using the following CLI command.

    /sun/appserver7/bin/asadmin set --user admin --password password --host host_name --port 8888 server1.http-listener.http-listener-1.securityEnabled=true

    This command switches the server instance listening state from non-SSL to SSL.

    After completing the preceding steps, the certificate is displayed in the Admin Console.

  4. You can now use the Admin Console to edit the http-listener as needed.

4760939

SSL: A self-signed certificate generated by certutil is not displayed on the Certificate Nickname list.

A self-signed certificate is generated by the certutil and Certificate Nickname is not displayed on the Admin Console. 

Solution

To use a self-signed certificate, you must manually edit the server.xml file.

4991824

Restart times out after SSL is enabled from the Admin Console.

Solution

Stop and start the server when SSL is enabled instead of doing a instance restart. 

4988332

“Apply Changes Required” icon appears even though no changes have been made.

In the Admin Console, when an Application Server instance’s properties or settings are viewed, the Apply Changes Required” icon appears even if no changes have been made to the settings. 

Solution

This message appears only once and does not make any changes to the Application Server. Select “Apply Changes” when you get this message. 

5011969

On Solaris x86, HTTP listener and IIOP listener pages in the Administration interface give errors.

Solution

The problem is caused by certain versions of jss3.jar. Two workarounds exist: 

For patch levels 115924-03, 115925-03, 115926-03, 115927-03, upgrade the SUNWjss package with a later version. 

Remove the path to jss3.jar from the server’s classpath as described here:

  1. Open server.xml for editing.

  2. Remove usr/share/lib/mps/secv1/jss3.jar from the classpath.

    This is the first entry in the classpath unless you have explicitly modified it.

  3. Save server.xml and run asadmin reconfig.

  4. Before starting your server instance, you also need to rename jss3.jar.