First, always backup your certificate database on a regular basis in case unrecoverable problems occur. If you have problems with SSL, here are some things to consider:
SSL requires the Calendar Server cshttpd process to be running. To determine if cshttpd is running, use this command:
# ps -ef | grep cshttpd
To list the certificates in the certificate database and checking their validity dates, use this command:
# ./certutil -L -d /var/opt/SUNWics5/alias
Check the Calendar Server log files for any SSL errors. For more information see Using Calendar Server Log Files.
Connect to the SSL port using a browser and the following URL:
https://server-name:ssl-port-number
where:
server-name is the name of the server where Calendar Server is running.
ssl-port-number is the SSL port number as specified by the service.http.ssl.port parameter in the ics.conf file. The default is 443.
HTTP and HTTPS listen on different ports (443 for SSL, and 80 for HTTP), so you will never have both listening to the same port. Currently, there is no way to tell cshttpd to stop listening to the regular HTTP port. However, an administrator can change the service.http.port to an undisclosed number.
Do not set service.http.enable ="no" in an attempt to prevent cshttpd from listening to HTTP. Doing so would cause HTTPS to fail also. Both service.http.enable and service.http.ssl.port.enable must be set to "yes" for SSL to be configured properly.