- Troubleshooting CA Access Gateway startup issues
- You have newly installed CA Access Gateway and it fails to startup.
- CA Access Gateway has been working fine and suddenly fails to startup.
Introduction / Summary:
CA Access Gateway is an Apache + JK Connector + Tomcat bundle.
It also comes with some applications(localapps) that are deployed.
The common places causing startup issues are :
1. Apache Certificate settings
2. Tomcat configuration
3. Tomcat localapps
This is to assist in isolating the startup problems before submitting support ticket for assistance.
First of all, run "netstat -an" to see which service is able to startup.
Check if you are seeing port 80 and 443 (if SSL enabled) for apache.
Check if you are seeing port 8080(HTTP), 543(HTTPS), 8005(SHUTDOWN) and 8009(AJP) for tomcat.
1. For apache side problem
Enable LogLevel in httpd.conf file to debug
Check the error_log to determine which configuration is causing problem.
2. For tomcat side problem
Check the server.log to determine if there are any exceptions and if they point to any particular feature.
In case of Windows, you can try starting up tomcat from command-line by copying SmSpsProxyEngine.properties to SmSpsProxyEngine.bat
And add the following line(which is a copy of NETE_SPS_PROXY_ENGINE_CMD) at the most bottom.
|SmSpsProxyEngine.bat (last line of)|
|"%NETE_SPS_JAVA_HOME%\bin\java.exe" -Xms512m -Xmx1024m -XX:MaxPermSize=256M -Dcatalina.base="%NETE_SPS_TOMCAT_HOME%" -Dcatalina.home="%NETE_SPS_TOMCAT_HOME%" -Djava.endorsed.dirs="%NETE_SPS_TOMCAT_HOME%\endorsed" -Djava.io.tmpdir="%NETE_SPS_TOMCAT_HOME%\temp" -DHTTPClient.log.mask=0 -DHTTPClient.Modules="HTTPClient.RetryModule|org.tigris.noodle.NoodleCookieModule|HTTPClient.DefaultModule" -Dlogger.properties="%NETE_SPS_TOMCAT_HOME%/properties/logger.properties" -DSM_AGENT_LOG_CONFIG="%STS_AGENT_LOG_CONFIG_FILE%" -classpath "%NETE_SPS_TOMCAT_HOME%\bin\proxybootstrap.jar;%NETE_SPS_TOMCAT_HOME%\properties;%NETE_SPS_JAVA_HOME%\lib\tools.jar;%NETE_SPS_TOMCAT_HOME%\bin\bootstrap.jar;%NETE_SPS_ROOT%\resources;%NETE_SPS_ROOT%\agentframework\java\cryptoj.jar" com.netegrity.proxy.ProxyBootstrap -config "%NETE_SPS_ROOT%/proxy-engine/conf/server.conf"|
In case of Unix, simply run the "proxyserver.sh" command to startup tomcat from shell. This file has the similar content available in the SmSpsProxyEngine.properties file.
Look for exception errors.
You can add -verbose to the above in case if it is suspected that certain jar files are not being loaded.
The default loglevel for server.log file is "INFO" and is sufficient in most cases but can be increased if needed.
3. For tomcat localapps
In server.conf file there are <Contexts> section that lists the deployed localapps.
Each <Context> comes with a switch to enable separately.
Try disabling all the localapps to see if the CA Access Gateway starts up.
Then you can try enabling them one by one to determine which app was causing initialization failure.
<Context name="Service name1">
<Context name="Service name2">
This article covers only the startup issues.