Server 5.3 seems to have broken my JDS

jrippy
Contributor III

Seems like Server.app 5.3 has broken my JDS.
During the upgrade process, Server.app ran through "renewing certificates". As such, the web service is now trying to use the built-in cert vs the JSS cert.
Looking at my apache_serviceproxy.conf file, jss_ca.cer is nowhere to be found.
About to check the vhost files.

1 ACCEPTED SOLUTION

jrippy
Contributor III

Next I tried resetting the .DAVLogin passwords. That didn't work.
Trying to re-install the JDS now.

After the re-install, the serviceproxy file had 2 sets of entries for the JSS certs. I commented out 1 set.
The vhost file had an entire new JDS block that interesting is different from the previous block.
Compared the file to another server that hasn't been upgrade yet and it seems the Server.app upgrade actually changed some contents of the "original" code block. It added a section for

<IfModule mod_secure_transport.c>
    MSTEngine Off
    MSTIdentity not-available

and so on.
Removed that and left the installer code block intact.

I also had a second share now in File Sharing. I removed the original share and renamed the new share from CasperShare-1 to CasperShare.

Now it is working and fixed.

View solution in original post

4 REPLIES 4

jrippy
Contributor III

Looking back at this KB, trying to re-apply the changes.

I tackled the serviceproxy file first. It seems it had been replaced by the default file.
The vhost 0000_127.0.0.1_34543_.conf file was actually intact. No changes needed to be made to it.

After the changes, looks like I'm back up and running. Hopefully this will help someone else out as well.
It's possible I guess that I could have just re-installed the JDS from the package installer. Didn't try.

jrippy
Contributor III

Spoke too soon. The certificate is now recognized but the CasperShare won't mount in Casper Admin.

jrippy
Contributor III

Next I tried resetting the .DAVLogin passwords. That didn't work.
Trying to re-install the JDS now.

After the re-install, the serviceproxy file had 2 sets of entries for the JSS certs. I commented out 1 set.
The vhost file had an entire new JDS block that interesting is different from the previous block.
Compared the file to another server that hasn't been upgrade yet and it seems the Server.app upgrade actually changed some contents of the "original" code block. It added a section for

<IfModule mod_secure_transport.c>
    MSTEngine Off
    MSTIdentity not-available

and so on.
Removed that and left the installer code block intact.

I also had a second share now in File Sharing. I removed the original share and renamed the new share from CasperShare-1 to CasperShare.

Now it is working and fixed.

strider_knh
Contributor II

I have this problem all the time. I have the modified config file saved that I can do a quick replace with if the JDS stops working.

This also seems to happen on some of our JDSs when they restart. Also some were in this same state right after the JDS was setup. I would love it if we could go into the Server app and make these changes and not have to go and modify config files that Apple can get squirrelly about if you modify them, and Apple doesn't like that.