It's all about the answers!

Ask a question

Setting up Reverse Proxy Server - not seeing errors, but unable to connect to application servers


Karen Steele (1.2k1131117) | asked Jan 18, 6:46 a.m.
Have been using a combination of these document to setup / create IHS plugins for Liberty on a distributed environment

Both documents do basically the same but one has more details than the other.

I have done this on another installation and its working just fine, but we did use the self extracting "trial" ihs serve version
In the install I have right now I've installed IBM HTTP server from IM

The installation is configured and HTTPServer is running and I can from the proxy server get the http logo using http and https with the port address, servername and its fqdn.  However, when I attempt to get to an applicaiton server I first get a browser certificate error (from firefox) which I accept the risk - then it returns the URL cannot be found on this server.

From a regular browser login, I can also get to the proxy without issues - but again when I expand the proxy server parametet to include an applicaiton server it again fails as above.

I've compared to the other install and everything is pretty much identical the exception being one was trial IHS the other is IM installed. 

Any ideas ?  I raised a PMR but they only provide support for full blow WAS install with IHS - where we don't have full blow WAS


Comments
Ralph Schoon commented Jan 18, 7:53 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

WAS Liberty is a supported application server. It is even the default. 

Liberty supports enterprise deployments and those always have a reverse proxy.

https://jazz.net/wiki/bin/view/Deployment/StandardTopologiesOverview shows reverse proxies everywhere. I find it unlikely that there is no supported configuration for Was Liberty. 

1. Ask why your configuration would not be supported. 
2. Ask for what is supported with WAS Liberty.

The error description is not helping. There are logs in the IHS as well as in the application servers and Jazz applications. Look at these. Get the certificate fixed or use Firefox if in doubt with the certificates. Chrome seems to get tighter and tighter.


Karen Steele commented Jan 18, 8:51 a.m. | edited Jan 18, 8:57 a.m.
That is part of the problem, there is nothing in the logs to show an errors - I am using firefox and get the initial certificate error, used advanced and accept it but then the url fails with "url not found on this server"

All the application are up and running and I can get to them without issue directly - I'm wondering if the Jazz Authorization Server is part of hte issue, as I have this enabled, and there were no instructions in the documentation to indicate that I might need to collect the keystore and certifcate from that ?

We're using the enterprise topology with a few exceptions e.g. don't have RELM - and my JAS server is on the same server as JTS

Ralph Schoon commented Jan 18, 9:07 a.m. | edited Jan 18, 9:09 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
I am not an expert on this. 

For me not having deployed RELM still makes it an enterprise topology.


 "url not found on this server" I would expect that this is not related to JAS, I would assume this is in the reverse proxy. 

How can you reach the applications, if the URI root is hosted on the proxy? Without proxy the host they are on would not be in the URI, right? The Hostname would not he the FQN used in the public URI, the IHS would run in the host with that FQN.

The certificate is the one from IHS. Given that the redirect in the IHS to the other machines seems to be the issue.

Be the first one to answer this question!


Register or to post your answer.