Troubleshooting – Page 3 – Technical Notes

Did it happen to you that your lab WebSEAL instance suddenly stopped working? Everything seems to be up and running, but any regular request to port 444 results in “Internet Explorer cannot display the webpage”? Well, it happened to me several days ago. Testing the same URL in Google Chrome revealed the possible cause – “ERR_SSL_PROTOCOL_ERROR”. Additional test revealed that HTTP traffic on port 81 (which is typically not used) is served correctly.

I’ll save you from reading the frustrating troubleshooting details. The bottom line is simple – the self-signed SSL certificate supplied with IBM WebSEAL expired on August 27, 2011. This is the certificate that is used by default in many labs, including mine. The fix is really simple – if you know where to look and what to do. Continue reading “Fixing WebSEAL that suddenly stopped responding to HTTPS” →

Surprisingly, the best tool for troubleshooting NetScaler authentication process in not a log file, located somewhere in the depths of log directory. Instead, they have a named pipe “aaad.debug” in the /tmp directory. This is not a regular file, so you cannot download it or open in the editor. The correct way to work with named pipe will be to cat its “content” – either directly to the console or to some file.

root@...# cd /tmp
root@...# cat aaad.debug

The following great (and simple!) article in the Citrix KB explains it in-depth: “How to Troubleshoot Authentication with Aaad.debug”.

Category: Troubleshooting

Fixing WebSEAL that suddenly stopped responding to HTTPS

Troubleshooting NetScaler/AGEE Authentication