Force SSL failure



  • I was looking to force SSL and found that you can run the install with a -S. I attempted this and had an error restarting apache

    * Setting up SSL FOG Server...................................OK
    * Restarting Apache2 for fog vhost............................Failed!
    

    Upon looking into the problem I found that line 9 of the apache conf for fog had a syntax error

    Sep 20 14:39:38 Fog-Dev apache2[18425]: AH00526: Syntax error on line 9 of /etc/apache2/sites-enabled/001-fog.conf:
    Sep 20 14:39:38 Fog-Dev apache2[18425]: Invalid command '-e<VirtualHost', perhaps misspelled or defined by a module not included in th
    

    Looking into the config file I found this trainwreck.

    -e<VirtualHost *:443>\n\tKeepAlive Off\n\tServername 192.168.76.169\n\tDocumentRoot /var/www/html/\n\tSSLEngine On\n\tSSLProtocol all -SSLv3 -SSLv2\n\tSSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA\n\tSSLHonorCipherOrder on\n\tSSLCertificateFile /var/www/html/fog//management/other/ssl/srvpublic.crt\n\tSSLCertificateKeyFile /opt/fog/snapins/ssl//.srvprivate.key\n\tSSLCertificateChainFile /var/www/html/fog//management/other/ca.cert.der\n</VirtualHost>
    

    I can manually fix this(I think), but the install script should have this fixed.
    EDIT1:
    Update functions.sh. It’s missing a space.

    sed -i 's/-e"/-e "/' trunk/lib/common/functions.sh
    

    EDIT2:
    After the update to functions.sh it successfully starts apache, but now has and error backing up the database.

    * Resetting SSL Permissions...................................OK
    * Setting up SSL FOG Server...................................OK
    * Restarting Apache2 for fog vhost............................OK
    * Changing permissions on apache log files....................OK
    * Backing up database.........................................Failed!
    


  • @Tom-Elliott the backup was my fault. To gain access to the internet I have to swap cables. When I did the “real” dhcp server gave that server a different ip. The database had the old info.


  • Senior Developer

    The failed to backup could be any number of things, but it’s most likely the problem of the db not already existing. I don’t know for sure though.

    That said, I did fix the -e issue, thank you.


  • Moderator

    @sbenson if you just run ./installfog.sh it always tells you to go to the web interface. The db’s schema doesn’t change with every update. If you would rather skip that, you can simply run the installer as ./installfog.sh -y



  • Ok, so there MIGHT be another issue with SSL and upgrading. I am running the upgrade and it says to go to http://192.168.76.10/fog/management to complete the schema upgrade.

    upon doing so I get a “this connection is not secure”. I add the cert and it takes me to the standard dashboard. nothing that updates the schema. I am not sure if the update only shows up when there are actually changes that need to be made or not.

    Edit: But it looks like my old IP is still listed inside the database.



  • @Wayne-Workman

    Turning on debugging and I found this

    * Backing up database.........................................+ return 0
    + [[ -d /home//fog_web_1.3.0-RC-10.BACKUP ]]
    + [[ ! -d /home//fogDBbackups ]]
    ++ date +%Y%m%d_%I%M%S
    + wget --no-check-certificate -O /home//fogDBbackups/fog_sql_1.3.0-RC-10_20160920_031708.sql http://192.168.76.169//fog//maintenance/backup_db.php '--post-data=type=sql&fogajaxonly=1'
    + errorStat 4
    + local status=4
    + [[ 4 != 0 ]]
    + echo 'Failed!'
    Failed!
    + [[ -z '' ]]
    + exit 1
    

    http://192.168.76.169/fog/status/bandwidth.php?type=sql&fogajaxonly=1 is unable to connect
    where
    http://127.0.0.1/fog/status/bandwidth.php?type=sql&fogajaxonly=1 does work, but provides back

    {"dev":"Unknown","rx":0,"tx":0}
    

    EDIT: This is my fault. I am in a devel environment and I am swapping cables as to not mess up the current DHCP server(overlapping ranges, etc). It looks like my IP has changed. The database issue is on my end



  • define('FOG_VERSION', '1.3.0-RC-10');
            define('FOG_SCHEMA', 234);
            define('FOG_BCACHE_VER', 100);
    -        define('FOG_SVN_REVISION', 5954);
    +        define('FOG_SVN_REVISION', 5955);
            define('FOG_CLIENT_VERSION', '0.11.5');
    

  • Moderator

    what version of FOG? Tom may have already fixed this.

    Run the installer as snmysqlhost='127.0.0.1' ./installfog.sh -y and see if that works. If so, edit the /opt/fog/.fogsettings file and modify snmysqlhost=


Log in to reply
 

326
Online

38725
Users

10554
Topics

99911
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.