BASIC SERVICE ACCESS TESTS SECTION:
Visibility of the service
- NSLOOKUP
nslookup psis.catcert.net
nslookup psisbeta.catcert.net
- TELNET
· HTTP service (validation)
telnet psis.catcert.net 80
telnet psisbeta.catcert.net 80
· HTTPS service (SSL mab validation and signature)
telnet psis.catcert.net 443
telnet psisbeta.catcert.net 443
- WGET (or web browser), from the machines with the failed application, to access the URLs:
wget http://psis.catcert.net/psis/dss
wget http://psisbeta.catcert.net/psis/catcert-test/dss
The response from both addresses is [PSIS vX.XX], where the version number may vary.
The IPs shown by the commands in the "NSLOOKUP" section should match the table. The primary service IP is the one listed in the "Primary" column.
Table: PSIS service IP
Control | Environment | Primary | Secondary |
psis.catcert.net | production | 217.111.232.27 | 213.229.186.54 |
psisbeta.catcert.net | pre-production | 217.111.232.28 | 213.229.186.62 |
TECHNICAL RECOMMENDATIONS SECTION:
DNS cache prevention
- In JVM: Enable cache refresh in JVM by adding the attribute to JAVA_OPT:
-Dnetworkaddress.cache.ttl=1200
Attribute detail: Specified in java.security to indicate the caching policy for successful name lookups from the name service. The value is specified as an integer to indicate the number of seconds to cache the successful lookup.
A value of -1 indicates “cache forever”. The default behavior is to cache forever when a security manager is installed, and to cache for an implementation specific period of time, when a security manager is not installed.
- On the operating system: Remove the psis.catcert.net and psisbeta.catcert.net entries from the "/etc/hosts" file on Linux / Unix systems and from "C:\Windows\System32\drivers\etc\hosts" on Windows systems.
- Application servers: If the configuration from the first point of this section is not active, you will need to restart the services running on JBoss, Tomcat, GlassFish, etc.
Connectivity error prevention:
- Proxy Servers: Force refresh of proxy cache services.
- Firewall rules: Review the firewall rules to allow access to the PSIS service IPs (see the table) on ports 80 and 443.
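
The visibility checks from the basic access tests section and the hosts-file recommendation, combined into one script as an added example (not CATCert's own tooling): it compares resolved addresses against the PSIS service IP table, flags pinned hosts entries, and looks for the [PSIS vX.XX] banner. The function names and the `--live` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example, not CATCert code. Addresses are copied from the PSIS service IP table.
# Columns: host primary secondary
PSIS_TABLE='psis.catcert.net 217.111.232.27 213.229.186.54
psisbeta.catcert.net 217.111.232.28 213.229.186.62'

# classify_ip HOST IP: prints primary, secondary, mismatch or unknown-host.
classify_ip() {
    printf '%s\n' "$PSIS_TABLE" | awk -v h="$1" -v ip="$2" '
        $1 == h { found = 1
                  r = (ip == $2) ? "primary" : ((ip == $3) ? "secondary" : "mismatch") }
        END { print (found ? r : "unknown-host") }'
}

# parse_nslookup: reads nslookup output on stdin, prints only the answer addresses
# (the resolver's own "Address:" line comes before "Name:" and is skipped).
parse_nslookup() {
    awk '/^Name:/ { seen = 1; next } seen && /^Address/ { print $NF }'
}

# hosts_overrides FILE: prints PSIS names pinned in a hosts file, ignoring comments.
hosts_overrides() {
    awk '{ sub(/#.*/, "")
           for (i = 2; i <= NF; i++)
               if ($i == "psis.catcert.net" || $i == "psisbeta.catcert.net") print $i }' "$1"
}

# live_check: runs the checks against the real service (needs network access).
live_check() {
    for name in $(hosts_overrides /etc/hosts); do
        echo "WARN  $name is pinned in /etc/hosts"
    done
    for host in psis.catcert.net psisbeta.catcert.net; do
        for ip in $(nslookup "$host" | parse_nslookup); do
            echo "DNS   $host -> $ip ($(classify_ip "$host" "$ip"))"
        done
    done
    for url in http://psis.catcert.net/psis/dss \
               http://psisbeta.catcert.net/psis/catcert-test/dss; do
        if wget -q -O - "$url" | grep -q 'PSIS v'; then
            echo "HTTP  $url answered with a PSIS version banner"
        else
            echo "FAIL  $url did not return the PSIS banner"
        fi
    done
}

# Only touch the network when asked to: sh psis_check.sh --live
if [ "${1:-}" = "--live" ]; then live_check; fi
```

A "mismatch" result or a WARN line on the machine with the failed application points to a stale DNS answer or a leftover hosts entry rather than to the PSIS service itself.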