Oracle® Fusion Middleware Troubleshooting Guide for Oracle Mobile Security Suite Release 3.0.1 Part Number E51929-03 |
|
|
PDF · Mobi · ePub |
This chapter describes troubleshooting tips for Oracle Mobile Security Access Server.
This chapter contains the following sections:
Ensure that Mobile Security Access Server certificate is in PEM format (base 64).
Ensure that Mobile Security Access Server certificate and certificate chain are not revoked.
If the Mobile Security Access Server certificate contains a Subject Alternate Name, ensure that the server certificate subject name is also in the Subject Alternate Name (SAN) attribute of the certificate.
Ensure that all Subject Names/Subject Alternative Names are resolved by DNS.
Ensure that certificate chain file is built with Issuing CA, followed by Intermediate CA(s) and then the Root CA in PEM format if there are multiple CAs in the chain.
Ensure that the mobile device is online/connected to the Internet.
Ensure that the Mobile Security Access Server is running. Depending on your configuration, the site may have up to three Windows services running:
OMSS
, if Mobile Security Access Server or Administrative Console are installed;
Oracle Application Server
, if Mobile Security Notification Server or File Manager are installed;
OMSS Database Service
, if Mobile Security Administrative Console with MySQL is installed.
Ensure that all necessary Mobile Security Access Server ports are open on the host firewall or other firewalls in the route from the mobile device to the Mobile Security Access Server.
Ensure that no other services are using the configured Mobile Security Access Server ports. The Oracle Mobile Security Suite Diagnostics Tool performs this task, but the following command lines can also be helpful.
Stop the OMSS Windows service.
Open command line and type:
netstat -a -n -o
to verify that nothing is listening on Mobile Security Access Server ports (defaults 80 and 443)
Start the OMSS Windows service.
Type:
netstat -a -n -o
to verify that Mobile Security Access Server is listening on ports (defaults 80, 443, and 7443)
Ensure that the applications behind Mobile Security Access Server are accessible from Mobile Security Access Server.
Ensure that Mobile Security Access Server can resolve in DNS the host names of the applications behind Mobile Security Access Server.
If the connection error occurs for only a single application behind Mobile Security Access Server, ensure that the application is running.
Ensure that the Mobile Security Administrative Console service account credentials match between the Mobile Security Access Server and the Mobile Security Administrative Console server.
Ensure that there are no systems in the network blocking proxy traffic (if a firewall or reverse proxy is configured).