| Sun Secure Global Desktop 4.5 Gateway Administration Guide | 
   |
| A P P E N D I X D |
This chapter includes troubleshooting topics, to help you to diagnose and fix problems with the SGD Gateway.
This section describes the logging and diagnostics features of the SGD Gateway.
This section includes the following topics:
SGD Gateway logging uses the Java logging application programming interface (API). For more details about how logging is implemented in Java, see http://java.sun.com/javase/6/docs/technotes/guides/logging/overview.html.
A logging properties configuration file, logging.properties, is supplied with the SGD Gateway. This file is in the /opt/SUNWsgdg/proxy/etc directory.
You can edit the logging.properties file to change the default logging level, and to configure logging levels for specific SGD Gateway services. Each SGD Gateway service is represented by an async.channel entry in the logging.properties file.
For example, if you want to increase logging levels for incoming and outgoing Transmission Control Protocol (TCP) connections, set the TCP service logging level to FINEST. Uncomment the following line in the logging.properties file:
# async.channel.tcp.level=FINEST
You must restart the SGD Gateway to enable any changes to logging levels you make by editing the logging.properties file.
Note - You can also use the SGD Gateway reflection service to change logging levels. See The Reflection Service for information about configuring and using the reflection service. |
If you have problems with the SGD Gateway, consult the following log files:
Routing proxy log files. The location and names of these log files are set in the logging.properties file. By default, the SGD Gateway creates routing proxy log files in the /opt/SUNWsgdg/proxy/var/log directory on the SGD Gateway host.
Reverse proxy log files. Details of load balancing and proxy server activity for HTTP and HTTPS connections are logged to the Apache log files in the /opt/SUNWsgdg/httpd/httpd-2.2.10_openssl‑0.9.8i_jk.1.2.25/logs directory on the SGD Gateway host.
SGD server log files. Each SGD server in the array writes error messages to log files in the /opt/tarantella/var/log directory on the SGD server host. See “Monitoring and Logging” in Chapter 6 of the Sun Secure Global Desktop 4.5 Administration Guide for more details about configuring logging for SGD servers.
When you start the SGD Gateway, the process ID of the routing proxy is stored to the /opt/SUNWsgdg/proxy/var/run/proxy.pid file on the SGD Gateway host.
The process ID of the reverse proxy is stored to the /opt/SUNWsgdg/httpd/httpd-2.2.10_openssl‑0.9.8i_jk.1.2.25/logs/httpd.pid file. This file location can be changed using the PidFile directive in the httpd.conf Apache configuration file.
To display the running SGD Gateway processes, use the following command on the SGD Gateway host:
# ps -ef| grep SUNWsgdg |
You can use the following commands to check your SGD Gateway configuration.
gateway status – Shows status information for the SGD Gateway.
Run the following command on the SGD Gateway host:
# /opt/SUNWsgdg/bin/gateway status |
See also gateway status for more information about this command.
tarantella gateway list – Displays a list of the SGD Gateways that are authorized for use by the SGD array.
Run the following command on any SGD server in the array:
$ tarantella gateway list |
See The tarantella gateway Command for more details about using the tarantella gateway command.
tarantella config list – Displays global settings for the SGD array.
Run the following command on any SGD server to show the --security-gateway attribute setting. This attribute determines which SGD Clients are allowed to use the SGD Gateway.
$ tarantella config list --security-gateway |
See The security-gateway Attribute for more details about this attribute.
SGD Gateway error messages are reported to the routing proxy log files, located in the /opt/SUNWsgdg/proxy/var/log directory on the SGD Gateway host.
Some typical SGD Gateway error messages, along with an explanation of the probable cause, are listed in the following table.
| Error Message | Probable Cause |
|---|---|
| Failed to validate token: | The clocks on the SGD Gateway and the SGD servers in the array are not synchronized |
| Failed to decode token: | The CA certificate for the SGD server has not been installed on the SGD Gateway |
| Failed to validate token: | The SGD Gateway certificate has not been installed on the SGD array |
| SSL error: | The SSL certificate for the SGD server has not been installed on the SGD Gateway |
| Sun Secure Global Desktop 4.5 Gateway Administration Guide | 820-6691-10 |
|
Copyright © 2009, Sun Microsystems, Inc. All rights reserved.