Could not write to /Library/JSS/Tomcat/conf/server.xml

mwilkerson
New Contributor III

We've run into a couple of issues and we're not sure if they're related. Our JSS is version 8.73 and it's running on OS X 10.6.8.

First, our Tomcat Website Certificate has gone blank and says Self Signed. If we try to click the link "Replace with certificate from the JSS's built-in CA", we get an error that says "Could not write to /Library/JSS/Tomcat/conf/server.xml". This comes after spending a week or so at the beginning of the month re-issuing new certificates after the OpenSSL fun-times.

As far as I can tell, the permissions on /Library/JSS/Tomcat/conf/server.xml are as they should be, although if someone can confirm for me that would be great.

The second issue may or may not be related. We're not sure when the certificate issue began, but this issue started last night. All of our policies that download a script or package from the server are failing with the following errors:

Downloading https://our.server.com:443//Packages//ourpackage.pkg... Error: The package (ourpackage.pkg) could not be found.

We have confirmed that we can access the Distribution point via afp directly from a client machine. We can also download the file from a client machine if we use the URL that is listed in the error message (https://our.server.com:443//Packages//ourpackage.pkg) from the browser.

Nothing we do changes the errors when we try running our policies. Any ideas?

1 ACCEPTED SOLUTION

mwilkerson
New Contributor III

We solved this issue. Turns out it was a normal response when an internally generated cert is added.

View solution in original post

2 REPLIES 2

mwilkerson
New Contributor III

Ok, I have an update to this issue. The certificate "issue" may not be an actual issue. After speaking with my colleague, this has been going on since we put in our own certificate early in the month.

The main issue is the inability to download packages, scripts, etc. when the client runs a policy.

mwilkerson
New Contributor III

We solved this issue. Turns out it was a normal response when an internally generated cert is added.