Maximo Open Forum

 Configuring SSL in Maximo

  • Everything Maximo
Mahadevan Ramakrishnan's profile image
Mahadevan Ramakrishnan posted 02-16-2024 04:26

Hi All,

We followed the steps to configure SSL in our lower environment, that is Virtual Machine. When we hit the Maximo IP using http, it is redirecting to the link using https but the port remains 9080 and doesnt change to secure port that is 9443.

Can you please let us know what change we need to effect to solve the issue.

Thank you

--------------------------------

Hi All,

This is in continuation to the thread on the SSL Configuration.We managed to set up the SSL on the lower environments,Virtual machines,Development and Test environments which are horizontal cluster setup.

We are facing issue doing the SSL configuration on each of the environments Dev and Test on one of the servers with the below error.

Can someone please let us know what could be done to solve the issue.

[Thu Feb 29 07:08:59.266396 2024] [ibm_ssl:crit] [pid 6856:tid 1464] SSL0104E: GSK could not initialize, Invalid password for keyfile.
[Thu Feb 29 07:08:59.266396 2024] [:emerg] [pid 6856:tid 1464] AH00020: Configuration Failed, exiting
[Thu Feb 29 07:08:59.299337 2024] [mpm_winnt:crit] [pid 7224:tid 720] AH00419: master_main: create child process failed. Exiting.

Biplab Choudhury's profile image
Biplab Choudhury posted 02-16-2024 08:52

This is very little information but my first guess is that IBM web server auto redirects is configured. Please follow below link for more details;

https://www.ibm.com/docs/en/b2b-integrator/5.2?topic=nsp-enable-auto-redirect-https

Another thing could be the problem faced in the below post, the person who posted the problem has shared his solution for the issue in the last comment:

https://moremaximo.com/communities/community-home/digestviewer/view-question?ContributedContentKey=7be2d2f5-a12d-44e1-a87e-c244e4b51efa&CommunityKey=784e8753-d7af-4281-8463-e86f3b5d7076

Also, I would review my steps from a good blog or document. Below post from Alex is a great resource for SSL configuration:

https://moremaximo.com/blogs/alex-walter1/2020/04/23/maximo-ssl-https-configuration?hlmlt=QT

Michael Marsonet's profile image
Michael Marsonet posted 02-20-2024 11:40

You will need to update your IBM HTTP Server (httpd.conf) file and define a redirect if you want a request from 9080 to be changed to 9443 in your scenario. Here is how you would configure the IBM HTTP Server for port 80 to 443 (standard HTTP and HTTPS ports) https://www.ibm.com/support/pages/rewriting-http-port-80-requests-https-port-443. 

Mike

Daxu Cao's profile image
Daxu Cao posted 02-20-2024 17:28

I think that could be something on WebSphere environment/virtual hosts setting, and applications/{applications, such as maximoui}/virtual hosts mapping setting. Those are two place I would suggest to start with. 9443 does not involve http server, so no need to troubleshoot from there. 

Michael Marsonet's profile image
Michael Marsonet posted 02-21-2024 08:29

Daxu, you are correct and forgot about that. I have mostly used/configuede the IBM HTTP Server to do the redirect and avoid using the JVM ports like 9080/9060.

Mahadevan, you could verify that Global Security is enabled as a few WAS technotes mention this as well that the Transport chains are defined for WC_defaulthost and WC_defaulthost_secure ports for the JVM match what you have defined in Virtual Hosts that is created and linked to the Maximo application you deployed.  Alternatively setup the IBM HTTPServer for port 80/443 and this will definitely work and might save you some time and headaches going forward.

Mike

Related Content