Service Operations Insight

 View Only

SOI Tech Tips: How to increase HTTP Header Size 

Jul 24, 2014 11:06 AM

PROBLEM:  After you enter the user and password to access the UI webpage, the browser will return  a message

                    Internet Explorer cannot display the webpage.

 

This particular problem  was cause by users in Active Directory belonging to multiple groups.

The more groups a user belongs to, the larger the EEMSESSIONID cookie will get.

With the increase EEMSESSIONID size, you will need to increase the maxHttpHeaderSize for http and https.

 

On the UI server, edit \ca\soi\samui\conf\server.xml

Change the value for maxHttpHeaderSize to 32768 for the following sections

 

    <Connector address="${tomcat.inaddr.bind}" port="${tomcat.port.http}" protocol="HTTP/1.1"

               redirectPort="${tomcat.port.ssl}"

              maxHttpHeaderSize="16384"

               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"

               enableLookups="false" acceptCount="100"

               connectionTimeout="20000" disableUploadTimeout="true"

               compression="on" compressableMimeType="text/html,text/plain,text/css,text/javascript" /> 

 

 

<Connector address="${tomcat.inaddr.bind}" port="${tomcat.port.ssl}" protocol="HTTP/1.1" SSLEnabled="true"

      maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"

               enableLookups="false" disableUploadTimeout="true"

               acceptCount="100" scheme="https" secure="true"

               keystoreFile="${tomcat.keystore.file}"

               keystorePass="${tomcat.keystore.pswd}"

               ciphers="SSL_DHE_DSS_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_KRB5_WITH_RC4_128_MD5,TLS_KRB5_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,TLS_KRB5_WITH_3DES_EDE_CBC_MD5,TLS_KRB5_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"

               clientAuth="false" sslProtocol="TLS" />

 

Recycle the CA SAM User Interface Server service.

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.