IBM Support

Web server error: Keyring File access error or Page cannot be displayed

Technote (FAQ)


Question

After you configure SSL for HTTP on a Lotus® Domino® server, no one can connect using SSL. A Web browser displays the message "Page cannot be displayed." On the Domino server console, you see mention of "Keyring File access error" and status [4169].

Example console entries:

04:44:16 PM HTTP Server: SSL Error: Keyring File access error
04:44:16 PM HTTP Server: SSL handshake failure, IP address [x.x.x.x], Keyring [keyfile.kyr] status [4169]

- or -

HTTP Server: SSL Error: Keyring File access error, key ring file [keyfile.kyr], IP address [x.x.x.x]

- or -

SSL Error: Keyring file format error, keyring file <filename>, <hostname>


Answer

This error occurs when the key file cannot be accessed for some reason. The key file may be inaccessible because of incorrect permissions, a corrupt or missing .STH file, or a corrupt or missing .KYR file. Make sure none of these conditions exist for your Domino server.

Check that the keyfile.kyr and keyfile.sth are present in the domino\data directory. The .sth file is the stash file for the keyfile's password. The server must have this file to be able to access the keyfile. If the sth file is present, it may be corrupted or the server may not have appropriate permissions to access the file from the operating system. Replace the file if needed, and verify the permissions.

Make sure the actual file name is listed in the Server document or Internet Site document "SSL key file name" field. You can enter the console command tell http show security to see what file is in use by the Domino server.

Verify that Domino has the correct permissions to access the files at an operating system level. For example, for operating systems that require an account, the file permissions should include the Domino account as owner of the key file, or to allow the user that Domino is running under at least read access to the file.

In rare cases a reinstall of Domino has been necessary to resolve the problem.

Related information

'SSL Error: Keyring file not found' when enabling SSL

Document information

More support for: IBM Domino
Web Server

Software version: 7.0, 8.0, 8.5

Operating system(s): AIX, IBM i, Linux, Solaris, Windows, z/OS

Software edition: All Editions

Reference #: 1109822

Modified date: 24 October 2006


Translate this page: