Enabling SSL/HTTPS with Cert results in non-working GUI

Status
Not open for further replies.

Deadringers

Dabbler
Joined
Nov 28, 2016
Messages
41
Hey all,

So I enabled HTTPS and uploaded a Cert and then pressed save.

As of now the GUI loads up the login screen, but does not allow any logins.



In /var/log/messages I see the following:

Code:
Feb  6 15:20:12 freenas manage.py: [system.forms:1024] Fingerprint of the certificate used in the GUI: 75:86:D4:05:78:57:90:98:E9:38:AE:B0:5B:92:CC:44:3B:7B:6F:46
Feb  6 15:20:13 freenas notifier: Stopping ntpd.
Feb  6 15:20:13 freenas ntpd[2538]: ntpd exiting on signal 15 (Terminated)
Feb  6 15:20:13 freenas notifier: Waiting for PIDS: 2538.
Feb  6 15:20:13 freenas notifier: Starting ntpd.
Feb  6 15:20:13 freenas ntpd[1049]: ntpd 4.2.8p9-a (1): Starting
Feb  6 15:20:13 freenas notifier: WARNING: can't open config file: /usr/local/openssl/openssl.cnf
Feb  6 15:20:13 freenas notifier: Performing sanity check on nginx configuration:
Feb  6 15:20:13 freenas notifier: nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (2: No such file or directory)
Feb  6 15:20:13 freenas notifier: nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
Feb  6 15:20:13 freenas notifier: 2017/02/06 15:20:13 [emerg] 1179#101550: open() "/var/log/nginx/access.log" failed (2: No such file or directory)
Feb  6 15:20:13 freenas notifier: nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed
Feb  6 15:20:13 freenas notifier: Stopping django.
Feb  6 15:20:14 freenas notifier: Waiting for PIDS: 3358.





Going through this the first issue I see is:

Code:
 notifier: WARNING: can't open config file: /usr/local/openssl/openssl.cnf 


Looking in that directory I can only see "openssl.cnf.sample" as far as files go...

Should the system have generated an openssl.cnf file?



The next major issue that jumps out is this:

Code:
nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed




Looking through my nginx conf file I don't see anything that is that wrong...but then again I'm not 100% sure what's meant to be there as I didn't build it.

The only thing is perhaps the "local host" part instead of the DNS name I actually provided it, but unsure...

Here is the config file:


Code:
#
#    FreeNAS nginx configuration file
#

user www www;
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    # reserve 1MB under the name 'proxied' to track uploads
    upload_progress proxied 1m;

    sendfile        on;
    #tcp_nopush     on;
    client_max_body_size 800m;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    #upload_store /var/tmp/firmware;
    client_body_temp_path /var/tmp/firmware;

    server {
        server_name  localhost;
        listen                  172.16.11.230:443 default_server ssl http2;
        listen                  [::]:443 default_server ssl http2;

        ssl_certificate         "/etc/certificates/freenasmanagement.crt";
        ssl_certificate_key     "/etc/certificates/freenasmanagement.key";
        ssl_dhparam "/data/dhparam.pem";

        ssl_session_timeout     120m;
        ssl_session_cache       shared:ssl:16m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EDH+aRSA:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
        add_header Strict-Transport-Security max-age=31536000;

        ## TODO: OCSP Stapling
        #ssl_stapling on;
        #ssl_stapling_verify on;
        #resolver ;
        #ssl_trusted_certificate ;

        location / {
            include fastcgi_params;
            fastcgi_pass 127.0.0.1:9042;
            fastcgi_pass_header Authorization;
            fastcgi_intercept_errors off;
            fastcgi_read_timeout 600m;
            #fastcgi_temp_path /var/tmp/firmware;
            fastcgi_param HTTPS $https;

            # track uploads in the 'proxied' zone
            # remember connections for 30s after they finished
            track_uploads proxied 30s;
        }

        location /progress {
            # report uploads tracked in the 'proxied' zone
            report_uploads proxied;
        }

        location /dojango {
            alias /usr/local/www/freenasUI/dojango;
        }

        location /static {
            alias /usr/local/www/freenasUI/static;
            add_header Cache-Control "must-revalidate";
            add_header Etag "FreeNAS-9.10.2-U1 (86c7ef5)";
        }

        location /reporting/graphs {
            alias /var/db/graphs;
        }

        location /dojango/dojo-media/release/1.11.1 {
            alias /usr/local/www/dojo;
        }

        location /api/docs {
            proxy_pass http://localhost:8001;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Scheme $scheme;
            proxy_set_header X-Script-Name /api/docs;
        }


        location /docs {
            alias /usr/local/www/data/docs;
        }

        location /websocket {
            proxy_pass http://127.0.0.1:6000/websocket;
            proxy_http_version 1.1;
            proxy_set_header X-Real-Remote-Addr $remote_addr;
            proxy_set_header X-Real-Remote-Port $remote_port;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        location /api/v2.0 {
            proxy_pass http://127.0.0.1:8002/api/v2.0;
            proxy_http_version 1.1;
            proxy_set_header X-Real-Remote-Addr $remote_addr;
            proxy_set_header X-Real-Remote-Port $remote_port;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/www/nginx-dist;
        }

        #include plugins.conf;
    }
    server {
        listen 172.16.11.230:80;
        listen [::]:80;
        server_name localhost;
        return 307 https://$host:443$request_uri;
    }
}








Any help/assistance is greatly appreciated at this point.
 

Deadringers

Okay I fixed this kinda.....

So the error reporting is fairly crap.

The nginx.conf file is not the issue.

The REAL issue is that the /var/log/nginx/ dir is missing and those error/access logs are not there.

I created this and the files and it seems to be happy now...

Still not sure why it didn't create these for itself.
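
Added example (not part of the original posts, and not FreeNAS code): a small shell triage of the log excerpt from the first post, separating the fatal nginx `[emerg]` open() failure from the non-fatal openssl.cnf warning and `[alert]` line, and reporting which directory is missing. The function names are made up for this illustration; the sample lines are copied from the excerpt above.

```shell
#!/bin/sh
# Added example: find what actually failed an nginx configuration test.

# Sample input: lines copied from the /var/log/messages excerpt in the first post.
sample_log() {
cat <<'EOF'
Feb  6 15:20:13 freenas notifier: WARNING: can't open config file: /usr/local/openssl/openssl.cnf
Feb  6 15:20:13 freenas notifier: nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (2: No such file or directory)
Feb  6 15:20:13 freenas notifier: nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
Feb  6 15:20:13 freenas notifier: 2017/02/06 15:20:13 [emerg] 1179#101550: open() "/var/log/nginx/access.log" failed (2: No such file or directory)
Feb  6 15:20:13 freenas notifier: nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed
EOF
}

# Read log text on stdin and print the path from every [emerg] open()
# failure with errno 2 (ENOENT). [emerg] is the severity that fails the
# test; the openssl.cnf WARNING and the [alert] line are not matched.
fatal_missing_paths() {
    sed -n 's/.*\[emerg].*open() "\([^"]*\)" failed (2: .*/\1/p'
}

# Read log text on stdin and print each distinct parent directory of the
# paths nginx could not open, i.e. the directories to check first.
missing_dirs() {
    fatal_missing_paths | while IFS= read -r path; do
        dirname "$path"
    done | sort -u
}

# Stand-alone run over the sample lines.
sample_log | missing_dirs
```

On a live system the same function can read the test output directly: `nginx -t 2>&1 | missing_dirs`.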
 

Deadringers

Done - thanks
 

hhs-admin

Cadet
Joined
Sep 9, 2013
Messages
7
Please reopen! I've got the same problem, but it cannot be solved by adding the nginx log dir (it was already there).

I tried a direct "https:" call to the GUI, which worked well.
Thereafter I switched to the "HTTPS" only connect option, which now gives me NO GUI :-(

I get another message when starting nginx:
Code:
WARNING: can't open config file: /usr/local/openssl/openssl.cnf


When trying to connect the nginx error log shows:
Code:
2017/04/23 18:53:06 [error] 54249#101709: *30 kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 10.1.10.12, server: localhost, request: "GET / HTTP/2.0", upstream: "fastcgi://127.0.0.1:9042", host: "hhs-nas"


Is there a place to switch back to HTTP + HTTPS?
 

hhs-admin

Tried to shed more light on the issue:
  1. This is NOT a certificate problem. The delivered certificate is ok :)
  2. nginx sends an error response page: "An error occurred.
    Sorry, the page you are looking for is currently unavailable. ..."
  3. It seems the complete nginx.conf has been replaced when switching to HTTPS only. I.e.: before the switch the log files had been placed in /var/log; after the switch they were moved to /var/log/nginx.
  4. Could it be that other links have also been "moved" such that we get the "connect() failed" message?
  • Where to find the "non https" nginx.conf file? The "-dist" file definitively isn't the right one.
  • Where is a command snippet to switch back to http+https?
HELP is really needed :(
 