Configuration errors cause web service access problems to occur. You can address the errors by ensuring that the LIF, firewall policy, web protocol engine, web services, digital certificates, and user access authorization are all configured correctly.
The following table helps you identify and address web service configuration errors:
|This access problem…||Occurs because of this configuration error...||To address the error...|
|Your web browser returns an unable to connect or failure to establish a connection error when you try to access a web service.||Your LIF might be configured incorrectly.|| Ensure that you can ping the LIF that provides the web service.
Note: You use the network ping command to ping a LIF. For information about network configuration, see the Clustered Data ONTAP Network Management Guide.
|Your firewall might be configured incorrectly.|| Ensure that a firewall policy is set up to support HTTP or HTTPS and that the policy is assigned to the LIF that provides the web service.
Note: You use the system services firewall policy commands to manage firewall policies. You use the network interface modify command with the -firewall-policy parameter to associate a policy with a LIF.
|Your web protocol engine might be disabled.|| Ensure that the web protocol engine is enabled so that web services are accessible.
Note: You use the system services web commands to manage the web protocol engine for the cluster.
|Your web browser returns a not found error when you try to access a web service.||The web service might be disabled.|| Ensure that each web service that you want to allow access to is enabled individually.
Note: You use the vserver services web modify command to enable a web service for access.
|The web browser fails to log in to a web service with a user's account name and password.||The user cannot be authenticated, the access method is not correct, or the user is not authorized to access the web service.|| Ensure that the user account exists and is configured with the correct access method and authentication method. Also, ensure that the user's role is authorized to access the web service.
Note: You use the security login commands to manage user accounts and their access methods and authentication methods. Accessing the Data ONTAP API web service requires the ontapi access method. Accessing all other web services requires the http access method. You use the vserver services web access commands to manage a role’s access to a web service.
|You connect to your web service with HTTPS, and your web browser indicates that your connection is interrupted.||You might not have SSL enabled on the cluster or Storage Virtual Machine (SVM) that provides the web service.|| Ensure that the cluster or SVM has SSL enabled and that the digital certificate is valid.
Note: You use the security ssl commands to manage SSL configuration for HTTP servers and the security certificate show command to display digital certificate information.
|You connect to your web service with HTTPS, and your web browser indicates that the connection is untrusted.||You might be using a self-signed digital certificate.|| Ensure that the digital certificate associated with the cluster or SVM is signed by a trusted CA.
Note: You use the security certificate generate-csr command to generate a digital certificate signing request and the security certificate install command to install a CA-signed digital certificate. You use the security ssl commands to manage the SSL configuration for the cluster or SVM that provides the web service.