[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] RaQ4r -SSL not running - leading to no /admin redirect?
- Subject: RE: [cobalt-users] RaQ4r -SSL not running - leading to no /admin redirect?
- From: "Dan Horning" <dan@xxxxxx>
- Date: Mon Dec 2 11:15:00 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Hey
It looks like you might have deleted the mod.rewrites within the
httpd.conf
look at a working one... and you'll probably find the code is missing
from the site you are trying to get to
Dan
------
Email: info@xxxxxx
------
Online on
AIM - crewpassguy (or dsoundmn1 for emergencies)
ICQ - 14308614
MSN - dan@xxxxxx
YIM - crewpassguy
-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of JIgou@xxxxxxxxx
Sent: Monday, December 02, 2002 2:07 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: [cobalt-users] RaQ4r -SSL not running - leading to no /admin
redirect?
I have two issues with a RaQ4R that I'm sure are related: I cannot
access
the admin GUI, nor can I access a secure site that I have set up on the
machine. (Actually, I can access the secure site as long as I don't try
https - http works just fine.)
History: all patches are up to date. Machine was rock-solid until now.
Only
change has been turning on SSL a couple months ago. Thawte certificate
successfully installed 1 month ago, worked just fine for several days -
likely a few weeks. (Site is not currently live, so I'm not positive
when
it stopped working - the secure portion has not been accessed daily.)
I cannot currently access the admin GUI of the server by utilizing the
standard http://domain/admin URL; I get a "File Not Found: The requested
URL was not found on this server" error. Pointing my web browser to
http://domain:81/.cobalt/sysManage/index.html, I can access the admin
GUI
just fine.
If I'm correct, the server tries (automatically) to use https to access
the
admin pages once a secure cert is installed, correct? That could be part
of
the above issue. The rest of it is the fact that SSL appears not start.
>From an SSH session:
[root /]# /etc/rc.d/init.d/admserv status
ahttpd dead but subsys locked
[root /]# /etc/rc.d/init.d/admserv start
Starting admin web server:
Invalid certificates for main site -- Not starting SSL
/usr/sbin/httpd.admsrv
killall doesn't help; neither does a server reboot. As soon as the start
command is issued, I can do a "status" again, and it says admserv is
dead.
Additionally, when I look through /var/log/httpd/adm_error, I see the
"Invalid certificates for main site -- Not starting SSL" messages from
as
far back as 2 years ago, then apparently stopping after a couple of
patches
were installed a year ago....so I don't know how much that error helps.
It
is resident in the last day or so, as I've been fighting with the
machine.
The notice in adm_error when I issue the "admserv start" command:
Apache/1.3.20 Sun Cobalt (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b
mod_auth_pam_external/0.1 mod_perl/1.25 configured -- resuming normal
operations
The only other error I saw:
[Mon Dec 2 10:40:54 2002] [crit] (98)Address already in use: make_sock:
could not bind to port 444
(I assume this is the admin webserver trying to set up a listener for
the
admin GUI interface, and it is failing because SSL isn't
running....which
is also why I can't access the GUI via the /admin URL ).
(Additional troubleshooting stuff included at end of this message **)
A week ago, the machine stopped serving up pages entirely (admserv and
httpd were dead); ftp, ssh etc. connections worked just fine. I ended up
rebooting it, and everything appeared to be OK. (I didn't have the
foresight to check the SSL site at that time - it's entirely possible
SSL
did NOT come back up.)
Rebooting the server has no effect at this time; httpd comes up just
fine,
but the admserv and the SSL portions don't.
There is only one certificate installed on this machine, on a virtual
site.
The IP for that virtual site is not shared with any other sites on the
machine.
Any thoughts on where I should look next? I searched for solutions as
best
I could, but didn't find anything other than unchecking/rechecking the
"Enable SSL" box on the site itself, or perhaps hitting "Save Changes"
on
the certificate admin page. (If I do either of these, will I hose my
certificate? I DO have the cert backed up....)
Thanks in advance!!
Jarrod
jigou@xxxxxxxxx
** Additional stuff that may or may not help (run today, December 2):
[root /]# ps auxw | grep admserv ahttpd
[root /]
(Nothing shows up)
[root /]# ps auxw | grep admserv
root 604 0.0 1.1 7596 5780 ? S Nov27 0:01
/usr/sbin/httpd.admsrv -f /etc/admserv/conf/httpd.conf
root 626 0.0 1.2 8200 6368 ? S Nov27 0:31
/usr/sbin/httpd.admsrv -f /etc/admserv/conf/httpd.conf
root 778 0.0 1.1 8200 5708 ? S Nov27 0:28
/usr/sbin/httpd.admsrv -f /etc/admserv/conf/httpd.conf
root 783 0.0 1.2 8200 6392 ? S Nov27 0:31
/usr/sbin/httpd.admsrv -f /etc/admserv/conf/httpd.conf
root 876 0.0 1.2 8184 6376 ? S Nov27 0:29
/usr/sbin/httpd.admsrv -f /etc/admserv/conf/httpd.conf
[root /]# netstat -a
Proto Recv-Q Send-Q Local Address Foreign Address
State
tcp 0 0 *:www *:*
LISTEN
tcp 0 0 blah:ssh blah:8120 ESTABLISHED
tcp 0 1 blah:2233 blah:smtp SYN_SENT
tcp 0 0 *:smtp *:*
LISTEN
tcp 0 0 *:81 *:*
LISTEN
tcp 0 0 *:snpp *:*
LISTEN
tcp 0 0 *:ssh *:*
LISTEN
[-- DNS connections deleted --]
tcp 0 0 localhost:domain *:*
LISTEN
tcp 0 0 *:imap2 *:*
LISTEN
tcp 0 0 *:pop3 *:*
LISTEN
tcp 0 0 *:ftp *:*
LISTEN
udp 0 0 *:1024 *:*
udp 0 0 localhost:domain *:*
raw 0 0 *:tcp *:* 7
raw 0 0 *:icmp *:* 7
raw 0 0 *:tcp *:* 7
_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users