Administration guide > Troubleshoot
Use this information to troubleshoot issues with the security configuration.
- Problem: The client end of the connection requires SSL, with the transportType setting set to SSL-Required. However, the server end of the connection does not support SSL, and has the transportType setting set to TCP/IP. As a result, the following exception gets chained to another exception in the log files:
java.net.ConnectException: connect: Address is invalid on local machine, or port is not valid on remote machine at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:389) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:250) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:237) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:385) at java.net.Socket.connect(Socket.java:540) at com.ibm.rmi.transport.TCPTransportConnection.createSocket(TCPTransportConnection.java:155) at com.ibm.rmi.transport.TCPTransportConnection.createSocket(TCPTransportConnection.java:167)
The address in this exception could be a catalog server, container server, or client.
Solution: See Configure secure transport types for a table with the valid security configurations between clients and servers.
- When agent is used, the client sends the agent call to the server, and server sends the response back to the client to acknowledge the agent call. When the agent finishes processing, the server will initiate a connect to send the agent results. This makes the container server a client from connect point of view. Therefore, if TLS/SSL is configured, make sure the client's public certificate is imported in the server's trust store.
Security integration with WAS
Transport layer security and secure sockets layer
Troubleshoot client connectivity
Troubleshoot XML configuration
IBM Support Assistant for WebSphere eXtreme Scale
Security descriptor XML file
Server properties file
Lesson 2.2: Configure catalog server security
Lesson 2.3: Configure container server security