How to Enable SSL Debug on the Security Server?

Enabling SSL debug temporarily on the Security Server can help to solve SSL related issues.

Step-by-step guide

SSL debug is enabled completing the steps below.

1. Add the line below to /etc/xroad/services/local.conf

   /etc/xroad/services/local.conf

   PROXY_PARAMS="$PROXY_PARAMS -Djavax.net.debug=ssl:handshake "

2. Restart xroad-proxy (sudo systemctl restart xroad-proxy).
3. View the log in systemd journal (journalctl -f -u xroad-proxy).

Related articles

• Page:
  What Kind of APIs the Security Server Provides?
• Page:
  Migration Guide from X-Road 6 to X-Road 7
• Page:
  Service Request Returns "Request is not allowed" Error Message
• Page:
  How to Interpret Security Server Proxy Error Messages?
• Page:
  How to change Security Server logging levels?