Topic: Weird sudden prob W/access to server-manager

[Craig Jensen]

Weird sudden prob W/access to server-manager.  I do not have reference to any one event that preceeded this as well, just hope maybe someone has seen it and recognizes what may be busted.

I CAN (from my local network) access server-manager withOUT https://  i.e. http://myserver/server-manager.  When I try to access the server-manager WITH httpS: I get two seperate admin login request windows, one for each side of the server manager. But, even with correct passwords BOTH times, the only viewable data is 1: Right wide "SME Server V5 and Welcome to the server manager" which is normal and 2:  Left side where my access links should be is only the mitel logo link...nothing else.

Look familiar?  I HOPe it does to someone.

Thank you much...I am learning

Craig Jensen

[Tyrone Miles]

Server manager should not be coming up when you use https (Because it is blocked from the internet and other networks you shouldn't need to use SSL so the server manager doesn't use it.)

Sounds like you are getting old info stored from your web browser. It seems to happen often if you are using windows exsploder. LOL!

But it really doesn't seem like you are having a problem.

[Bill Talcott]

Tyrone Miles wrote:
>
> Server manager should not be coming up when you use https
> (Because it is blocked from the internet and other networks
> you shouldn't need to use SSL so the server manager doesn't
> use it.)

I access the Server Manager ONLY using https. Even on the LAN, I'd rather have it encrypted. And it is accessable via SSL to internet addresses specified in the remote access panel as well.

> Sounds like you are getting old info stored from your web
> browser. It seems to happen often if you are using windows
> exsploder. LOL!

I agree, it could be a weird browser issue. Have you tried another browser? Have you rebooted the server to rebuild the templates?

[Charlie Brady]

Bill Talcott wrote:

> Have you rebooted the server to rebuild the
> templates?

No templates are rebuilt just by rebooting the server.

Charlie

[Craig Jensen]

Thanx much for the input.  Probably more of an asthetics thing than anything.  I can still access everything.  The latest 'issue' I was working on was getting my SARG Reports to showup in Server-Manager (I was getting a "forbidden" error), which I fixed by uninstalling the sarg packages and reinstalling in a different order...E-smith package, then Sarge package shich gave me the link back.  I do not know if something there caused this 'anomally'.  I just wanted to make sure it was not to cause a security issue.

Craig Jensen

[Craig Jensen]

Hey!  It has got something to do with the certificate I created recently.  When I open the Server-Manager in Netscape with https://  It told me that there was a problem with my certificate and asked if I wanted to continue anyway.  When chosing to continue, I then could view both frames correctly.

I will have to look at what to do with the certificates.

Thanks again

Craig Jensen

[Craig Jensen]

In Konquerer on my Linux box, it explained that my certificate is 'self-signed' and thus untrustworthy.

The certificate thing has been a question which I have been unsure of and thus I am off to search for more info.

Thanks all,

Craig Jensen

[Bill Talcott]

Craig Jensen wrote:
>
> Hey!  It has got something to do with the certificate I
> created recently.  When I open the Server-Manager in Netscape
> with https://  It told me that there was a problem with my
> certificate and asked if I wanted to continue anyway.  When
> chosing to continue, I then could view both frames correctly.
>
> I will have to look at what to do with the certificates.
>
> Thanks again
>
> Craig Jensen

Craig Jensen wrote:
>
> In Konquerer on my Linux box, it explained that my
> certificate is 'self-signed' and thus untrustworthy.
>
> The certificate thing has been a question which I have been
> unsure of and thus I am off to search for more info.
>
> Thanks all,
>
> Craig Jensen

I've run into two things with SME's SSL cert. The cert is for yourdomain.com. If you use www.yourdomain.com, it complains that the name doesn't match. Not a big deal, just hit OK or use "yourdomain.com".

The other is the self-signed issue. In IE, when you add the cert, choose to pick the location manually instead of letting it do it automatically. Instead of the default location, choose to put it in the Trusted Root Certification Authorities store. Basically you're manually telling it that it's a valid site cert then, since it doesn't have Verisign (or whoever) vouching for its validity. There's a way to do this for Netscape too (as I've done it in Mozilla), but I don't remember it off the top of my head.

I do also have a webpage that uses ActiveX to install the cert. The user just has to click Ok a couple times, instead of having to go through the whole wizard. I'll write up a HowTo for it if anyone's interested.

[Craig Jensen]

Thank you for the input Bill.  I have made a few modifications as per this info.

And I would deffinately be interested in the "ActiveX to install the cert" how-to

Craig.

[Bill Talcott]

This should suffice until I get a real HowTo done...

http://pkidev.internet2.edu/rootcerts/

I just visited the secure site with IE and accepted the cert, exported it from the Internet Options Control Panel in Base-64 format, and cut and pasted my exported cert code into the HTML that site provides. It works great on IE (it uses an ActiveX control to do it). The user just has to click Yes twice and it says it was successfully installed.

In Mozilla, you can just go to the exported .crt file and check the right boxes before hitting OK...