Notification Server will not build https package download location links in IIS 7

book

Article ID: 155223

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

An SSL certificate had been installed into IIS and the SSL configuration had been set to "Require SSL" at the Default Web Site location. It was also set to "Ignore" client certificates, but, when the NS.Package Refresh schedule was run it was still building http download locations for all packages. 

When a valid SSL certificate is detected during package refresh, or when packages are being built for the first time, then the NS should set the download location to https://

Cause

The framework was not detecting that https was a valid or enabled protocol.

Note: According to Microsoft, if http is enabled, then https should also be enabled and vise versa; but that was not the case when this problem was encountered.

 

Resolution

- Open Internet Information Services (IIS) Manager (found under "Start > All Programs > Administrative Tools")

- Browse down to Default Web Site, or to the "Altiris" application under the Default Web Site (depending on how high you want to set enforcement https protocol)

- To the far right select the "Advanced Settings..." link.

- Locate the "Enabled Protocols" section and change the value to https

- Reset IIS

- Manually run the "NS.Package Refresh.{bd6bf880-bfae-4dad-b746-e8be99f3b8a8}" schedule.

If the download codebases still do not show as https then, in some isolated cases, the problem was resolved by opening SQL Management Studio and running the following SQL statement against the Symantec_CMDB database and then running the NS.Package Refresh... schedule again.

TRUNCATE TABLE swdPackageCodebase

NOTE: Truncating the swdPackageCodebase table will remove all download locations including those of package servers. This will correct over time or, to speed things up, access the package servers, open the Package Server agent dialogue and click on "Resend Package Status"

 


Applies To

Symantec Management Platform 7.1.1

Microsoft Web Server IIS 7