Trying to access PWM from outside the internal network

nav....@wrsd.ca

unread,

Sep 1, 2015, 2:13:24 PM9/1/15

to pwm-general

Hello,

I have PWM setup and working on our internal network, but trying to access it from the outside doesn't work. We are behind a PA-5020 firewall and I have setup 1:1 NAT for external access to the server.

Everything is setup correctly for external access as well, but when I browse to https://hostname.domain.ca I get nothing but a blank page. I've tried checking the log files, but there are no errors that I can see in there.

I'm sure I am just missing something really simple, but I can't find anything. Also I have set the Site URL to https://hostname.domain.ca as well. Still trying to work on this, but having trouble, so any ideas are welcome.

Thanks!

Rud

unread,

Sep 2, 2015, 1:36:10 PM9/2/15

to pwm-general

Hi.

It seems difficult to troubleshoot on this with the amount of information provided. One could ask on how you set up port forwarding as such since https defaults to 443 and a plain PWM install defaults to 8433, if set up for ssl usage.

The only thing I can recommend is check, check, double check logfiles. Perhaps set to debug level logging, in order to find (and solve) the relevant issue at hand.

Good luck!

Op dinsdag 1 september 2015 20:13:24 UTC+2 schreef Navjot Singh:

Navjot Singh

unread,

Sep 3, 2015, 12:06:59 PM9/3/15

to pwm-general

Sorry forgot to mention I am specifying the port in the URL (https://hostname.domain.ca:8443/pwm). If I set my Site URL without using SSL (http://hostname.domain.ca:8080/pwm it works fine.

I am using a wildcard certificate (*.domain.ca) from GoDaddy and I am using this link to configure it:

http://www.serveradventures.com/the-adventures/installing-pwm-open-source-password-self-service-for-ldap

I know the the guide is for linux, but I can't find any other documentation on importing an SSL certificate. Using Windows Server 2008 Standard for the PWM install. Tried setting debug level logging as well as trace, but still don't see anything interesting.

Perhaps PWM doesn't like wildcard certificates?

Navjot Singh

unread,

Sep 3, 2015, 1:57:43 PM9/3/15

to pwm-general

Just an update. I followed the steps on Apache Tomcat to import an SSL:

https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration

I created a keystore from scratch with a self-signed certificate and edited the server.xml file as shown in the documentation.

Still no go trying to use https://hostname.domain.ca:8443/pwm

Navjot Singh

unread,

Sep 4, 2015, 3:07:07 PM9/4/15

to pwm-general

Update #3. FINALLY!! Got it working now. Don't know what I did differently, but it's working!

THANK GOD!

Reply all

Reply to author

Forward