SSL_ERROR_SSL. Unable to create SSL socket for [localhost:16076]

Article ID: 2267202
Expand all | Collapse all

Symptoms

When using ESP 5.3 with SAM 5.3, one may see the following error in the %FASTSEARCH%\var\log\qrserver\qrserver.log file after experiencing problems when submitting queries to ESP:

ERROR qrserver contoso.com 15100 systemmsg FastQT_Security: Security QT - Group Expansion failed for user id "user". API error: {SSL_connect failed: rejected by server (invalid client certificate?). SSL error: SSL_ERROR_SSL. Unable to create SSL socket for [localhost:16076]. Security Access Module is not accessible at the configured location [localhost:16076] }

Cause

The configured certificate in SAM must use the same port as is configured for the Domain user monitor main port. This problem can occur when there is a port mismatch between the two.

NOTE: The configured certificate in SAM is used to encrypt the secured communication and the qrserver port of the queries.

Resolution

1. Edit the fastsecuritypipelineconfig.xml file (located in %FASTSEARCH%\etc\) so the Hostport parameter value matches the port number in the SAM GUI home page.
NOTE: The port number in the SAM GUI can be found by clicking the Advanced Configuration link in the SAM GUI and then checking the value for the Port Number in the Miscellaneous Settings section.

2. Reload the configuration from the command line:
esp\bin>nctrl reloadcfg

3. Restart qrserver from the command line:
esp\bin>nctrl restart qrserver

Properties

Article ID: 2267202 - Last Review: 10 October 2011 - Revision: 1.0
  • FAST ESP
Keywords: 
KB2267202

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com