Deadringers
Dabbler
- Joined
- Nov 28, 2016
- Messages
- 41
Hey all,
So I enabled HTTPS and uploaded a Cert and then pressed save.
As of now the GUI loads up the login screen, but does not allow any logins.
In /var/log/messages I see the following:
Going through this the first issue I see is:
Looking in that directory I can only see "openssl.cnf.sample" as far as files go...
Should the system have generated an openssl.cnf file?
The next major issue that jumps out is this:
Looking through my nginx conf file I don't see anything that is that wrong...but then again I'm not 100% sure what's meant to be there as I didn't build it.
The only thing is perhaps the "local host" part instead of the DNS name I actually provided it, but unsure...
Here is the config file:
Any help/assistance is greatly appreciated at this point.
So I enabled HTTPS and uploaded a Cert and then pressed save.
As of now the GUI loads up the login screen, but does not allow any logins.
In /var/log/messages I see the following:
Code:
Feb 6 15:20:12 freenas manage.py: [system.forms:1024] Fingerprint of the certificate used in the GUI: 75:86:D4:05:78:57:90:98:E9:38:AE:B0:5B:92:CC:44:3B:7B:6F:46 Feb 6 15:20:13 freenas notifier: Stopping ntpd. Feb 6 15:20:13 freenas ntpd[2538]: ntpd exiting on signal 15 (Terminated) Feb 6 15:20:13 freenas notifier: Waiting for PIDS: 2538. Feb 6 15:20:13 freenas notifier: Starting ntpd. Feb 6 15:20:13 freenas ntpd[1049]: ntpd 4.2.8p9-a (1): Starting Feb 6 15:20:13 freenas notifier: WARNING: can't open config file: /usr/local/openssl/openssl.cnf Feb 6 15:20:13 freenas notifier: Performing sanity check on nginx configuration: Feb 6 15:20:13 freenas notifier: nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (2: No such file or directory) Feb 6 15:20:13 freenas notifier: nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok Feb 6 15:20:13 freenas notifier: 2017/02/06 15:20:13 [emerg] 1179#101550: open() "/var/log/nginx/access.log" failed (2: No such file or directory) Feb 6 15:20:13 freenas notifier: nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed Feb 6 15:20:13 freenas notifier: Stopping django. Feb 6 15:20:14 freenas notifier: Waiting for PIDS: 3358.
Going through this the first issue I see is:
Code:
notifier: WARNING: can't open config file: /usr/local/openssl/openssl.cnf
Looking in that directory I can only see "openssl.cnf.sample" as far as files go...
Should the system have generated an openssl.cnf file?
The next major issue that jumps out is this:
Code:
nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed
Looking through my nginx conf file I don't see anything that is that wrong...but then again I'm not 100% sure what's meant to be there as I didn't build it.
The only thing is perhaps the "local host" part instead of the DNS name I actually provided it, but unsure...
Here is the config file:
Code:
# # FreeNAS nginx configuration file # user www www; worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; # reserve 1MB under the name 'proxied' to track uploads upload_progress proxied 1m; sendfile on; #tcp_nopush on; client_max_body_size 800m; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; #upload_store /var/tmp/firmware; client_body_temp_path /var/tmp/firmware; server { server_name localhost; listen 172.16.11.230:443 default_server ssl http2; listen [::]:443 default_server ssl http2; ssl_certificate "/etc/certificates/freenasmanagement.crt"; ssl_certificate_key "/etc/certificates/freenasmanagement.key"; ssl_dhparam "/data/dhparam.pem"; ssl_session_timeout 120m; ssl_session_cache shared:ssl:16m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EDH+aRSA:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; add_header Strict-Transport-Security max-age=31536000; ## TODO: OCSP Stapling #ssl_stapling on; #ssl_stapling_verify on; #resolver ; #ssl_trusted_certificate ; location / { include fastcgi_params; fastcgi_pass 127.0.0.1:9042; fastcgi_pass_header Authorization; fastcgi_intercept_errors off; fastcgi_read_timeout 600m; #fastcgi_temp_path /var/tmp/firmware; fastcgi_param HTTPS $https; # track uploads in the 'proxied' zone # remember connections for 30s after they finished track_uploads proxied 30s; } location /progress { # report uploads tracked in the 'proxied' zone report_uploads proxied; } location /dojango { alias /usr/local/www/freenasUI/dojango; } location /static { alias /usr/local/www/freenasUI/static; add_header Cache-Control "must-revalidate"; add_header Etag "FreeNAS-9.10.2-U1 (86c7ef5)"; } location /reporting/graphs { alias /var/db/graphs; } location /dojango/dojo-media/release/1.11.1 { alias /usr/local/www/dojo; } location /api/docs { proxy_pass http://localhost:8001; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /api/docs; } location /docs { alias /usr/local/www/data/docs; } location /websocket { proxy_pass http://127.0.0.1:6000/websocket; proxy_http_version 1.1; proxy_set_header X-Real-Remote-Addr $remote_addr; proxy_set_header X-Real-Remote-Port $remote_port; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api/v2.0 { proxy_pass http://127.0.0.1:8002/api/v2.0; proxy_http_version 1.1; proxy_set_header X-Real-Remote-Addr $remote_addr; proxy_set_header X-Real-Remote-Port $remote_port; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } #include plugins.conf; } server { listen 172.16.11.230:80; listen [::]:80; server_name localhost; return 307 https://$host:443$request_uri; } }
Any help/assistance is greatly appreciated at this point.