Symptoms
It is not possible to switch to PBA from POA Control Panel. During the switch attempt the following error message is displayed:
Fatal error An unforeseen error occurred. Please contact root@poacore.domain.tld.
Detail Message: "java.lang.IllegalArgumentException: Illegal cookie name".
Stack java.net.HttpCookie.(HttpCookie.java:132)
Also the similar messages can be found in the poa-ui.log on POA UI server during the attempt to switch from POA to PBA:
2012-07-13 02:10:48,713 d528a48251 ssor6 DEBUG OUT Connection through proxy: 10.20.30.40:8008
2012-07-13 02:10:48,721 d528a48251 ssor6 DEBUG OUT [Exception] message: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 404 No such domain"
2012-07-13 02:10:48,723 d528a48251 ssor6 DEBUG OUT [Exception] message: pba.domain.tld
Cause
Control Panel (UI) server is unable to resolve the FQDN (Fully Qualified Domain Name) of the PBA Application Server, you may check it using e.g. the ping, nslookup, host or dig utilities on the UI server:
[root@cp ~]# ping pba.domain.tld ping: unknown host pba.domain.tldReplace pba.domain.tld with the actual hostname of the PBA Application Server.
- PBA Application Server is not accessible by the TCP port 443 from the POA UI server or from the Privacy Proxy Server if it is used.
Resolution
Make sure that FQDN of PBA server is resolved to the correct IP address from all POA Control Panel servers (by adding records to DNS or hosts file on each CP server).
Verify that FQDN of PBA server can be resolved:
[root@cp ~]# ping pba.domain.tld PING pba.domain.tld (10.30.40.50) 56(84) bytes of data. 64 bytes from pba.domain.tld (10.30.40.50): icmp_seq=1 ttl=44 time=189 ms- Make sure that the TCP port 443 is open on the PBA application server according to requirements and it is accessible from the POA UI server or from the Privacy Proxy Server if it is used.