DLm Console certificate install fails, unable to restart apache
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
DLm Console Certificate update
Note: This KB has been reviewed and is now Obsolete.
Please Do NOT use this resolution on any of the Disk Library Products mentioned. The resolution removes needed Security checking for the DLm .
We are marking this copy OBSOLETE, because older hardcopies may be available, or CE's may remember this incorrect resolution.
During the upgrade of a DLm Console site certificate, How to update DLm site certificates the installation of the certificate fails attempting to restart the apache web server:
This condition renders the DLm Console inaccessible, even from the VTE desktop.
vte2:/tmp/csr # rcapache2 restart
httpd2-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.100.20 for ServerName
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) done
Starting httpd2 (prefork) httpd2-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.100.20 for ServerName
startproc: exit status of parent of /usr/sbin/httpd2-prefork: 1
failed
Note: This KB has been reviewed and is now Obsolete.
Please Do NOT use this resolution on any of the Disk Library Products mentioned. The resolution removes needed Security checking for the DLm .
We are marking this copy OBSOLETE, because older hardcopies may be available, or CE's may remember this incorrect resolution.
During the upgrade of a DLm Console site certificate, How to update DLm site certificates the installation of the certificate fails attempting to restart the apache web server:
This condition renders the DLm Console inaccessible, even from the VTE desktop.
vte2:/tmp/csr # rcapache2 restart
httpd2-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.100.20 for ServerName
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) done
Starting httpd2 (prefork) httpd2-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.100.20 for ServerName
startproc: exit status of parent of /usr/sbin/httpd2-prefork: 1
failed
From the /var/log/apache2/error_log
[Wed Sep 13 14:39:45 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:45 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:45 2017] [error] SSL Library Error: -8179 Certificate is signed by an unknown issuer
[Wed Sep 13 14:39:45 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:45 2017] [error] SSL Library Error: -8179 Certificate is signed by an unknown issuer
[Wed Sep 13 14:39:45 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:46 2017] [error] SSL Library Error: -8179 Certificate is signed by an unknown issuer
[Wed Sep 13 14:39:46 2017] [error] SSL Library Error: -8179 Certificate is signed by an unknown issuer
[Wed Sep 13 14:39:46 2017] [error] SSL Library Error: -8179 Certificate is signed by an unknown issuer
[Wed Sep 13 14:39:46 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:46 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
[Wed Sep 13 14:39:46 2017] [error] Unable to verify certificate 'DLmServerCert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.Cause
A self signed certificate was installed on the DLm, exposing a problem with the DLm Certificate install process.
Resolution
THIS ARTICLE IS OBSOLETE!
Please Do NOT use this resolution on any of the Disk Library Products mentioned. The resolution removes needed Security checking for the DLm .
We are marking this copy OBSOLETE, because older hardcopies may be available, or CE's may remember this incorrect resolution.
Please Do NOT use this resolution on any of the Disk Library Products mentioned. The resolution removes needed Security checking for the DLm .
We are marking this copy OBSOLETE, because older hardcopies may be available, or CE's may remember this incorrect resolution.
Affected Products
Disk Library for mainframe DLm2100Products
Disk Library for mainframe, Disk Library for mainframe DLm2100, Disk Library for mainframe DLm8100Article Properties
Article Number: 000050140
Article Type: Solution
Last Modified: 30 May 2024
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.