AOD 8.1.2 : getting 404 error in https request

**avc861193901584** · 01-21-2025, 08:04 AM

HTTP 404 usually means "not found".

If you click the Verify button next to the VXML URL in the AEP application, does it show a message saying: You have reached the application successfully.?
If not, I'd recommend looking in your Tomcat server log files (specifically catalina.out/catalina.txt and localhost.today.log) for any errors deploying the OD war file.

**avc880818262214** · 01-22-2025, 01:18 AM

Hi Adam,

Application is verified successfully in AEP, tomcat is up and running. We couldn't see any errors in catalina.out and OD application logs.
When we make the test call we are getting technical difficulty error message and disconnecting the call

Thanks & Regards,
Ravi A

**avc861193901584** · 01-22-2025, 09:04 AM

Hi Ravi,

Another set of scenarios where I've seen a 404 be reported is related to TLS trust. Can you test to confirm whether your call succeeds if you configure the application to be HTTP?
If it works as HTTP, but not HTTPS confirm:
1. If the certificate is not trusted by the AEP.
- Be sure to add it under Certificates -> Trusted Certificates -> Upload (Type: Application)
2. The IP address was not generated as a Subject Alternative Name on the certificate AND Certificates -> Security Settings -> Enable Server Identity Validation is set to Yes.
Options:
- If you have functional DNS use the hostname in the application URL
- Regenerate the Tomcat certificate with the IP address as a subject alternative name
- Turn off Enable Server Identity Validation (which will subject you to security vulnerabilities)

**avc880818262214** · 01-30-2025, 10:54 AM

Hi Adam,

1.My application is working fine in http
For https: I have generated the MyTrustStore.jks file through keystore command and I configured the MyTrustStore.jks in tomcat under server.xml
tomcat page is opening the https
2. And I added the .crt under AEP Certificates -> Trusted Certificates -> Upload (Type: Application)
3. Turn off Enable Server Identity Validation --> Application is working.

4. If Turn On Enable Server Identity Validation--> Application is notworking Getting the 404 error

Curl request for mpp to IVR application getting the below issue

curl https://xx.xx.xx.xx.8443/IVRAPP/Start
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above. zz0.dkzu6g8m46zz

**avc861193901584** · 01-30-2025, 12:03 PM

Hi Ravi,

It sounds like you will need to
1. Regenerate your certificate using keytool and this subject alternative name

-ext SAN=dns:test.yourhostname.com,ip:1.1.1.1

argument. (Replace the IP address and hostname as appropriate.)
2. Update Tomcat to use your new keypair.
3. Export the certificate for your new keypair and upload it to the EPM.

Then you should be able to use your application with Server Identity Validation turned on.

**avc880818262214** · 02-03-2025, 02:33 AM

Hi Adam,

Thanks for your suggestions, I have followed the above steps https secure connection is working fine after adding the subject alternative name in the keytool -ext SAN=dns:test.yourhostname.com,ip:1.1.1.1 .

But while checking the curl request still we are facing this issue.
curl https://xx.xx.xx.xx.8443/IVRAPP/Start
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above. zz0.dkzu6g8m46zz

**avc861193901584** · 02-03-2025, 08:48 AM

Hi Ravi,

That's great that the SAN fixed the issue with the AEP.

When you added the certificate to the AEP, that put it inside of an AEP "trust store" a list of certificates that are trusted issuers.
The curl command doesn't use the AEP's "trust store". If you want curl to work, you will need to add the certificate to the Linux "trust store". (Search on Google for "How to configure your CA trust list in Linux")

**avc880818262214** · 02-05-2025, 04:26 AM

Hi Adam,

I have configured the below changes in the sever.xml for secure port 8443
And we make some test calls, sessions are not disconnecting properly in the tomcat. Once the customer disconnect the call, still the session is in live in the tomcat session manger, after 30min default time sessions are clearing. could you please suggest.

<Connector protocol="org.apache.coyote.http11.Http11NioProtoc ol" port="8443"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
maxParameterCount="1000"
keystoreFile="conf/MyTrustStore.jks"
keystorePass="changeit"
keyAlias="IVREG"
clientAuth="false"
sslEnabledProtocols="TLSv1.2,TLSv1.1"/>

**avc880818262214** · 02-05-2025, 06:19 AM

This is working properly in the port 8080 once customer hang-up call or disconnect the call, sessions are clearing in the tomcat without any issue, same application same tomcat changed the port 8443
Once the customer disconnect the call, still the session is running in the tomcat session manger. and we disabled the port 8080 in server.xml as well. Kindly suggest to fix this issue.
Tomcat Version 9.0.8
AOD version: 7.23.0
AEP :8.1.2

**avc861193901584** · 02-05-2025, 08:40 AM

Hi Ravi,
I'm afraid that I've never really done much with Tomcat session invalidation. Maybe Avaya can chime in on that.
As general advice: It might be good to review the localhost_access file to confirm that there are no additional requests for the session id, the AEP Log Viewer has no related errors, and the application Session Detail Report OD transcription confirms that there are no additional VXML fetches for the session.

**avc880818262214** · 02-05-2025, 10:42 PM

Hi Adam,

Thanks for your reply..

we have 2 app servers. I configured as load balancer in the AEP and port 8443, but calls are landing only 1st server. calls are not distributing the load any suggests to fix this issue ?

**avc861193901584** · 02-06-2025, 07:34 AM

Hi Ravi,

Did you regenerate and re-add the certificate to the AEP Trusted Certificates for the second server? It might be good to try swapping the URLs so that second one is now first and see if you get the badfetch error for that URL.

**avc880818262214** · 02-06-2025, 10:35 AM

Hi Adam,

Both the servers I have created the certificates and add in the AEP, application is working fine for both the servers and swapping urls, calls are landing in first mapping url in the AEP. no error badfecth in logs.

**avc861193901584** · 02-06-2025, 11:34 AM

Hi Ravi,

I've never seen that behavior before. Usually it will be roughly round-robin when set to Load Balance mode under the Application settings.
Maybe Avaya can chime in?

AOD 8.1.2 : getting 404 error in https request

AOD 8.1.2 : getting 404 error in https request

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment