Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
933
Views
0
Helpful
5
Replies

Activating NAM HTTPS server

Go to solution
luis.elvira
Level 1
Level 1

‎08-11-2009 12:12 AM

Hi, I have activated https server in a NAM following the procedure in http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/3.6/switch/configuration/guide/getstart.html. After I have loaded successfully the patch, I try to activate the server, but the following error occurs:

root@localhost.i-csnam-simb-c03.tsm.inet# ip http secure server enable

Enabling HTTP secure server...

ERROR: Failed to enable HTTP secure server.

I have this NAM configuration:

Fri Aug 7 23:53:19 2009 Patch: nam-app.3-6.strong-crypto-patchK9-1-0 Description: Strong Crypto Patch for NAM.

IP address: x.x.x.x

Subnet mask: x.x.x.x

IP Broadcast: x.x.x.x

DNS Name: localhost.i-csnam-simb-c03.tsm.inet

Default Gateway: x.x.x.x

Nameserver(s):

HTTP server: Disabled

HTTP secure server: Disabled

HTTP port: 80

HTTP secure port: 443

TACACS+ configured: No

Telnet: Disabled

SSH: Disabled

I have seen also the following error:

[Sat Aug 08 00:02:59 2009] [warn] RSA server certificate CommonName (CN) `localhost.i-csnam-simb-c03.tsm.inet' does NOT match server name!?

[Sat Aug 08 00:02:59 2009] [error] Unable to configure RSA server private key

[Sat Aug 08 00:02:59 2009] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Does anyone know what is going wrong?

Thanks in advanced.

LUIS

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Lucien Avramov
Level 10
Level 10
In response to luis.elvira

‎08-11-2009 03:46 PM

CN=hostname.domain so that is fine.

Try the other steps i mentioned earlier and revert your results.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Lucien Avramov
Level 10
Level 10

‎08-11-2009 12:27 AM

Make sure you configure correctly the hostname of the nam

Try a config clear from the NAM CLI and try again.

If that doesnt help, try to reimage the nam with the --install option.

If it still the same issue, please post the show-tech from the NAM so I can have a look

0 Helpful

Go to solution
luis.elvira
Level 1
Level 1
In response to Lucien Avramov

‎08-11-2009 01:03 AM

I have requested the show configuration output to confirm the hostname, but the prompt is root@localhost.i-csnam-simb-c03.tsm.inet so i supose the hostname is localhost.i-csnam-simb-c03.tsm.inet, isn't it?

Regards,

0 Helpful

Go to solution
luis.elvira
Level 1
Level 1
In response to Lucien Avramov

‎08-11-2009 01:41 AM

Hi lavramov,

I have checked the configuration and really the hostname is not the same that th CN in the certificate:

ip host "localhost"

ip domain "i-csnam-simb-c03.tsm.inet"

So, have we to change the certificate CN to localhost??

Thank you very much,

LUIS

0 Helpful

Go to solution
Lucien Avramov
Level 10
Level 10
In response to luis.elvira

‎08-11-2009 03:46 PM

CN=hostname.domain so that is fine.

Try the other steps i mentioned earlier and revert your results.

0 Helpful

Go to solution
luis.elvira
Level 1
Level 1
In response to Lucien Avramov

‎08-12-2009 10:59 PM

Thank you very much, I made clear config and confire again and now it works :)

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card