Resolved issue in customer environment.

Customer's webserver is only listening on port 443 and 475. According to CT Agent debug requests were being made only on port 80 and the user experenced a 500 error. According to the access logs requests are being made to "\x80L\x01\x03" investigation on google revealed that thsi was caused by an ssl configuration. The customer copied some of the SSL parameters within the httpd.conf to the global section which were previously only located in the VirtualHost sections. This resolved one issue however the user is still experiencing 500 errors but atleast we can see the requests in the access log and within the CT Agent debug.

Requests are still showing on port 80, we debugged this by removing the WebSphere plugin, then the CT plugin. The issue did not occur with the ct plugin.

This was working fine for the last several weeks and only broke yesterday. The customer has two environments, one working and one broken both with IBMHTTP 1.3.28, CT 3.0.2.8, on Solaris 8. Comparing each httpd.conf, webagent.conf, plugin.xml, accesslog, errorlog, and ct agent debug everything seems to be configured identically on both.

Since there were no incoming requests on port 443 I suggested that this is caused by something external to CT, either on the network, within IBMHTTP Server or one of the other HTTP modules. Further investigation didnt provide any new results. We tried to work around the problem by creating a VirtualHost section within the webagent.conf for port 80 however this still did not resolved the issue.

Simha recieved an email from another member of his team that said the only change within the past week was a modification to the host file from

127.0.0.1       localhost     loghost

to

127.0.0.1      localhost     loghost     buy-www-16.buysense.com

Once the customer changed this back everything appeared to function properly.

I informed the customer that I will try to replicate this behavior and create a knowledgebase solution for future reference.