Reference the sections below for information about testing the GroupWise Calendar server.
The GroupWise Calendar Server is listed under the following service name:
gwcalsvr
To test Calendar Server, follow the steps found in the GroupWise Mac User Quick Start to configure your workstation.
Use the table below to help you resolve errors in the SOAP connectivity test.
Error |
Description |
Resolution |
---|---|---|
SUCCESS |
TLS connection was established and SOAP is responding properly. |
No action required. |
TLS_DISABLED |
SOAP is responding properly, but the connection was not over TLS. |
Enable TLS for SOAP on the POA. |
SOAP_DISABLED |
SOAP is not enabled for the post office. No connection was attempted. |
Enable SOAP on the POA. |
UNREACHABLE |
Failed to connect to the POA due to a connection failure or socket timeout. |
Ensure the POA service is running on the server. Ensure that the POA network is accessible from the Calendar Server. |
UNTRUSTED_CA |
The certificate chain did not contain a trusted root certificate. |
|
UNTRUSTED_CERT |
The endpoint certificate presented during the TLS handshake is invalid. This can be for multiple reasons including expiration or invalid usage of the cert. |
Issue a new TLS certificate to the POA. Trust the endpoint certificate. If the certificate is trusted, then the trust does not expire when the certificate expires. This also does not prevent man-in-the-middle attacks. |
HOSTNAME_MISMATCH |
A valid TLS certificate is presented by a server that does not match either the CN of the certificate or any of the subject alternative names. |
Issue a new certificate that matches the host name or IP address of the server. Correct the address of the POA so it matches the certificate. Trust the endpoint certificate. If the certificate is trusted, then the trust does not expire when the certificate expires. This also does not prevent man-in-the-middle attacks. |
UNKNOWN |
Most likely caused by network instability, but includes any error not shows above. |
Manually check connectivity by running a curl command. See the format below: curl -X options https://POA_server:SOAP_port/soap |
The following are possible resolutions for fixing an UNTRUSTED_CA error during the connectivity test:
Configure the POA with a certificate that is issued from a publicly trusted root certificate authority.
Configure the POA with a certificate that is issued by the GroupWise CA.
Manually override the trust:
If the TLS handshake contained the CA certificate from the server, you can trust the CA in the pop up that appears when you click Trust.
If the TLS handshake did not contain the CA certificate from the server, you can manually upload the CA certificate into the Trust dialog.
You can choose to trust the endpoint certificate. While this is a haTLSe free way of overriding certificate validation issues during the TLS process, it does not prevent man-in-the-middle attacks. Also, the trust does not expire even if the certificate has expired.