Sun Crypto 4000 Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. 650-960-1300 817-2350-10 2003 5 A docfeedback@sun.com
2003 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. Sun Sun Berkeley BSD Sun University of California UNIX / Sun X/Open Company, Ltd. Sun Sun Microsystems Sun SunVTS AnswerBook2 docs.sun.com iplanet Sun Enterprise Sun Enterprise Volume Manager Solaris Sun Microsystems, Inc. / SPARC SPARC International, Inc. / SPARC Sun Microsystems, Inc. Netscape Netscape Communications Corporation OpenSSL Project OpenSSL Toolkit (http://www.openssl.org/) Eric Young (eay@cryptsoft.com) Ralf S. Engelschall <rse@engelschall.com> mod_ssl (http://www.modssl.org/) OPEN LOOK Sun Sun Microsystems, Inc. Sun Xerox Sun Xerox Xerox (GUI) OPEN LOOK GUI Sun Sun Sun
Sun Crypto 4000 Sun Crypto 4000 Sun Crypto 4000 114795-01 showrev -p Sun Crypto 4000 Sun Fire 15K Sun Crypto 4000 FCODE Sun Crypto 4000 FCODE 12.11.13 Sun Crypto 4000 15.properties FCODE 1
ID 4757594 vca.conf vca.conf Solaris kernel/drv/vca.conf dma-mode=1; Sun Blade 100 150 ID 4470196 Solaris 8 Solaris 8 Sun Crypto 4000 112438-01 109234-09 CD patches http://sunsolve.sun.com Sun Crypto 4000 ID 4621453 Sun ONE Web 4.x 6.x Sun ONE Web Sun ONE Web iplanet Web http://www.mozilla.org NSPR 4.12 NSS 3.3 pk12util Netscape Communicator 4.x 6.x 2 Sun Crypto 4000 2003 5
ID 4630250 Sun Crypto 4000 http://sunsolve.sun.com ID 4796664 Sun Crypto 4000 MMF SunVTS netlbtest " 12/19/02 17:20:03 username SunVTS4.5: VTSID 8003 netlbtest. FATAL vca1: "Failed to get the link up. Probable_Cause(s): (1)Loopback cable not connected. (2)Faulty loopback cable. Recommended_Action(s): (1)Check and replace, if necessary, the loopback cable. (2)If problem persists, call your authorized Sun service provider. ID 4826508 vcaadm Security Officer Login: so Security Officer Password: Login failed. Error writing data: Bad file number ID 4816009 FIPS FIPS FIPS FIPS Sun Crypto 4000 3
ID 4825721 Sun Fire 15K MMF UTP Sun Fire 15K Feb 27 11:39:04 xc15p13-b3 vca: [ID 732820 kern.warning] WARNING: vca1: vce_link_stats_set: cant determine params Feb 27 11:40:29 xc15p13-b3 vca: [ID 214153 kern.warning] WARNING: vca1: Can t determine link paramaters! Feb 27 11:40:29 xc15p13-b3 vca: [ID 702911 kern.notice] NOTICE: vca1: link up 0 Mbps half duplex Feb 27 11:40:29 xc15p13-b3 vca: [ID 732820 kern.warning] WARNING: vca1: vce_link_stats_set: cant determine params Feb 27 11:41:08 xc15p13-b3 vca: [ID 702911 kern.notice] NOTICE: vca0: link down Feb 27 12:01:07 xc15p13-b3 vca: [ID 702911 kern.notice] NOTICE: vca0: link up 1000 Mbps full duplex RFE ID 4753295 Apache Web Sun ONE (/etc/opt/sunwconn/cryptov2/sslreg) Sun ONE Sun ONE Sun ONE 4 Sun Crypto 4000 2003 5
ID 4822356 vcaadm rekey master vcaadm Cannot get new modulus from firmware vcaadm{vca0@localhost, sec_officer}> rekey master WARNING: Rekeying the master key will render all old board backups useless with the new keystore file. If other boards use this keystore, you will need to back up this new key and initialize the other boards to use the keystore, providing the backed up master key in the process. Rekey board? (Y/Yes/N/No) [No]: y Rekeying crypto accelerator board. This may take a few minutes...done. Cannot get new modulus from firmware. ID 4852120 Apr 17 23:44:37 xc15p13-b0 vca: WARNING: stale job(s) found in ring 30000978718 request 0x7820aa68 ====================== vr_key_id[0]: 0x00000000 vr_key_id[1]: 0x00000000 vr_cmd: 0x0013 vr_key_flags[0]: 0x0 vr_key_flags[1]: 0x0 vr_in_len: 192 vr_out_len: 192 Apr 17 23:44:37 xc15p13-b0 genunix: WARNING: vca1: fault detected in device; service unavailable Apr 17 23:44:37 xc15p13-b0 genunix: WARNING: vca1: crypto job timeout (device hung?) vca1: Resetting board... Apr 18 00:08:47 xc15p13-b0 vca: WARNING: vca1: Device is in failed state! Apr 18 00:08:47 xc15p13-b0 last message repeated 1 time Sun Crypto 4000 Sun Crypto 4000 5
Sun ONE Web ID 4532645 Sun ONE 4.x 6.x Web Web GUI / Web Apply Load Configuration Files ID 4532941 4593111 Sun ONE Web Web 6.0 5 (SP5) Sun ONE Web Web Web ID 4620283 pk12util Sun ONE pk12util % cd /usr/iplanet/servers/alias % pk12util -o temp.p12 -n "Our Token:Server-Cert" -d. Enter Password or Pin for "Our Token": Enter password for PKCS12 file: Re-enter password: pk12util: add cert and key failed: Unable to export. Private Key could not be located and exported. 6 Sun Crypto 4000 2003 5
ID 4607112 Sun ONE Web 6.0 Cipher Default OK Apply Sun Crypto 4000 user@realm-name Sun ONE Web 6.0 3 (SP3) Web Sun Crypto 4000 1. Cipher Default SSL2 SSL3 2. OK 3. Apply 4. Load Configuration Web /usr/iplanet/servers/https-hostname.domain/config/server.xml <SSLPARAMS servercertnickname= Server-Cert... Server-Cert keystore_name: <SSLPARAMS servercertnickname= keystore_name:server-cert... Web Apache Web Sun Crypto 4000 Apache 1.3.26 Sun Crypto 4000 7
与 Apache Web 服务器相关的已知问题 错误 ID 4766977 Solaris 8 必需的修补程序 要在 Solaris 8 操作环境下配置 Sun Crypto 加速器 4000 板以便与 Apache Web 服务器配合使用必须在安装 Sun Crypto 加速器 4000 软件之前安装版本号为 109234-09 的修补程序此修补程序位于产品 CD 的 patches 子目录下也可以从 http://sunsolve.sun.com 网站下载 应用此修补程序后您 重新引导系统方可安装 Sun Crypto 加速器 4000 软件 Apache Web 服务器不能同时与 Sun Crypto 加速器 1000 板和 Sun Crypto 加速器 4000 板配合使用如果让这两个板同时使用 Apache Web 服务器 Apache 将无法正常工作 只有您准备将板与 Apache Web 服务器 1.3.26 配合使用时才有必要安装 Sun Crypto 加速器 4000 SUNWkcl2a 软件包如果使用其它配置或 Apache Web 服务器版本则不必安装 SUNWkcl2a 软件包 启动文件 Apache 的启动文件 (/etc/rc3.d/s50apache) 与 dtlogin 的启动文件 (/etc/rc2.d/s99dtlogin) 的顺序会导致计算机启动时的顺序问题这可能会导致启动时无法访问控制台进而无法输入 Apache 密码解决方法以 root 用户身份发出以下命令重新调整 Apache Web 服务器的启动顺序 # mv /etc/rc3.d/s50apache /etc/rc2.d/s95apache 8 Sun Crypto 加速器 4000 板发布说明 2003 年 5 月